indexo.dev

habitatescapes.com

.com crawl

First seen 2026-04-21 · Last seen 2026-05-18 · ok HTTP/1.1 200 6481 ms crawled 2026-05-15

GB · 188.65.39.25 · AS204167 Hyve Ltd

Reputation 100/100

Classifying

HTML metadata

Title
Habitat Escapes - Luxury Lakeside Holidays
Description
Luxury lakeside holiday rentals in Dorset & The Cotswolds. 2-6 bedroom properties, enjoy on-site facilities including award-winning spas. Book online today!
Language
en
Canonical
https://www.habitatescapes.com/

Technology

Analytics
  • Google Tag Manager
Fonts
  • Font Awesome
Social widgets
  • YouTube Embed
Third-party hosts loaded (12)
  • cdnjs.cloudflare.com×4
  • code.jquery.com×2
  • snapwidget.com×2
  • stackpath.bootstrapcdn.com×2
  • www.google.com×2
  • ajax.aspnetcdn.com×1
  • api.feefo.com×1
  • cdn.cookie-script.com×1
  • cdn.jsdelivr.net×1
  • use.fontawesome.com×1
  • www.googletagmanager.com×1
  • www.youtube.com×1

Social

Contact

Phone

Registration

Registrar
Register SPA
Created
2013-09-12
Expires
2027-09-12 480 days left
Updated
2026-03-03
Name servers
  • ns0.phase8.net
  • ns1.phase8.net
  • ns2.phase8.net

DNS records live

NS
  • ns0.phase8.net
  • ns1.phase8.net
  • ns2.phase8.net
MX
  • 1 habitatescapes-com.mail.protection.outlook.com
TXT
Show 5 TXT records
  • _globalsign-domain-verification=hcl3L2WN4orkEiM6wa5LOAd9197LE-YeY7heSBoeM2
  • google-site-verification=gRf4glMnEIgMyf1nV3Gd3od4y_EPrO2S4Jpc7c7j_Ao
  • pardot512721=b96dea0cbbbaf4cb4e51533b8e1c7d59309027e6671607a14aaa7878d67439c5
  • MS=ms40006256
  • _globalsign-domain-verification=CG-U2jYPmfCzRHbsqWwt8PVfug9TPBskL6EECT4-MT

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:aspmx.pardot.com include:servers.mcsv.net -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarcmail@habitatfirstgroup.com; ruf=mailto:dmarcmail@habitatfirstgroup.com; fo=1
policy: quarantine
DKIM
Show 5 DKIM selectors
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKgdqegPFScAleNWKXbelVByXkUsDZ+ubvWikNTYVvConSb4TpINikrX27sTh/iYrU8Y5CAPoJ4oqCNMWq09…
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuztrJo6blS9V+wGGb9OSrFqi2LCPt1iK/PXOqisnr63pUygjU+gqsbK5XWpoYEyjcdlTUFt3+NW574maDW…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTNgk2vcqG7aZPX+6V0qDLQ9UDDW7SKhnwA/7ussiCcOyWolxP02sTipYcbqfz1xzZmBi+gNrp2SXTPMYEXXQyfc…
selectors probed

Certificate (current)

GlobalSign GCC R6 AlphaSSL CA 2023
from 2024-12-28 to 2026-01-29
Expired 110 days ago

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.habitatescapes.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com https://*.recaptcha.net https://*.snapwidget.com https://*.googletagmanager.com https://*.google-analytics.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net *; connect-src 'self' https://*.google.com https://*.gstatic.com https://*.recaptcha.net https://*.snapwidget.com https://*.google-analytics.com https://*.analytics.google.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net *; frame-src 'self' https://*.google.com https://*.recaptcha.net https://*.snapwidget.com *; img-src 'self' https://*.gstatic.com https://*.snapwidget.com https://*.google-analytics.com data: *; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net *; font-src 'self' https://*.gstatic.com https://cdnjs.cloudflare.com https://cdn.jsdeliv
strict-transport-security
max-age=31536000; includeSubDomains

Links to (5)

Linked from (4)