indexo.dev

getcarefull.com

.com crawl

First seen 2026-04-25 · Last seen 2026-05-15 · ok HTTP/1.1 200 359 ms crawled 2026-05-18

US · 13.33.235.35 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Carefull | The financial safety service
Description
Official Web
Language
en
Generator
Gatsby 5.13.3

Open Graph

title
Carefull | The financial safety service
description
Official Web

Technology

CDN
Amazon CloudFront
Server
AmazonS3
CMS
Gatsby
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×1

Registration

Registrar
NameCheap, Inc.
Created
2019-02-01
Expires
2027-02-01 256 days left
Updated
2026-01-02
Name servers
  • ns-1301.awsdns-34.org
  • ns-141.awsdns-17.com
  • ns-1550.awsdns-01.co.uk
  • ns-663.awsdns-18.net

DNS records live

NS
  • ns-1301.awsdns-34.org
  • ns-141.awsdns-17.com
  • ns-1550.awsdns-01.co.uk
  • ns-663.awsdns-18.net
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • linkedin-site-verification=d3e64276-10fb-4af2-a136-d7939ac14eb8
  • sophos-domain-verification=be17635a2eb6aee6841a7ddc4026445b0a0c240473f13f5d0c61ba22b9bd35f7
  • MS=FA1C3EB0572E36AD6883E63F20189C60991F2155
Verified for
  • Anthropic
  • Apple
  • Google
  • Meta
  • OpenAI
  • Segment

Email authentication strong

SPF
v=spf1 include:amazonses.com include:_spf.google.com include:22110330.spf01.hubspotemail.net include:mail.zendesk.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; sp=none; rua=mailto:zrdsuuay@ag.us.dmarcian.com,mailto:dmarc@getcarefull.com; ruf=mailto:zrdsuuay@fr.us.dmarcian.com,mailto:dmarc@getcarefull.com; aspf=r; adkim=r;
policy: reject (enforced) · sp=none
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhNqnRg3Vuw7rUpB3iTkRfP3sE2XLy39Gw9W44BO0q0GmjYSY41eUUsRRncveYMd8z0hluooaVPAKV…
selectors probed

Certificate (current)

Amazon RSA 2048 M01
from 2026-01-14 to 2027-02-13
Expires in 268 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://getcarefull.com/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-security-policy
default-src 'self' blob: ;img-src https: data:;script-src *.adroll.com 'unsafe-inline' 'self' 'unsafe-eval' blob: js.hs-scripts.com *.hsforms.net *.intercomcdn.com *.intercom.io *.zendesk.com *.zdassets.com js.hs-analytics.net js.hsadspixel.net js.hscollectedforms.net js.hs-banner.com js.hubspot.com cdn.getkoala.com tools.refokus.io tools.refokus.com cdn.jsdelivr.net googleads.g.doubleclick.net www.google-analytics.com connect.facebook.net cdnjs.cloudflare.com customerioforms.com *.website-files.com d3e54v103j8qbb.cloudfront.net ajax.googleapis.com www.googletagmanager.com *.posthog.com *.licdn.com snap.licdn.com ;style-src * 'unsafe-inline' *.posthog.com;connect-src 'self' *.adroll.com adroll.com wss://*.intercom.io *.intercomcdn.com *.intercom.io wss://*.zendesk.com *.zendesk.com *.zdassets.com api.getkoala.com cta-service-cms2.hubspot.com forms.hscollectedforms.net api.hubapi.com wss://api.getkoala.com stats.g.doubleclick.net customerioforms.com *.google-analytics.com analytics.goog
strict-transport-security
max-age=31536000

Linked from (1)