indexo.dev

karolinafund.com

.com crawl

First seen 2026-05-12 · Last seen 2026-05-18 · ok HTTP/1.1 200 5921 ms crawled 2026-05-18

IS · 185.112.145.153 · AS44925 1984 ehf

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title
Karolina Fund
Language
EN

Technology

Server
Apache
CMS
Gatsby
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (3)

  • d2tnn0p1wwhikn.cloudfront.net×1
  • fonts.googleapis.com×1
  • www.googletagmanager.com×1

Social

Contact

Email
Phone

Registration

Registrar
PDR Ltd. d/b/a PublicDomainRegistry.com
Created
2011-02-12
Expires
2027-02-12 267 days left
Updated
2026-02-01
Name servers
  • aron.ns.cloudflare.com
  • piotr.ns.cloudflare.com

DNS records live

NS
  • aron.ns.cloudflare.com
  • piotr.ns.cloudflare.com
MX
  • 10 mx1.1984.is
  • 20 mx2.1984.is
TXT
  • 756KBPTDZiT5UNj9SMdmKm9cGE1xq3KerL4NlIKtnoI=
  • MS=5002ED416C9D42E84BA46D002F58E3CED2F7E700
Verified for
  • Google

Email authentication partial

SPF
v=spf1 include:eu.zeptomail.net include:_spf.1984.is include:eu.zcsend.net include:mxsmtp.sendpulse.com +a +mx ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:6bca33ec66c64a9c968fc0e6ecdbad88@dmarc-reports.cloudflare.net;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-04-26 to 2026-07-25
Expires in 65 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.karolinafund.com/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' *.gstatic.com *.googletagmanager.com *.amplitude.com *.adrifund.com *.funde.no *.tinymce.com *.karolinafund.com *.crowdfarm.dk *.lemonway.fr *.payxpert.com d2tnn0p1wwhikn.cloudfront.net clients1.google.com cse.google.com www.google.com *.google-analytics.com *.facebook.net *.facebook.com *.vimeo.com *.addthis.com *.googleapis.com *.bootstrapcdn.com stats.g.doubleclick.net *.soundcloud.com soundcloud.com *.youtube.com *.w3.org *.ogp.me *.mailerlite.com *.karolina.io *.slize.me;img-src * blob: data:;font-src data: d2tnn0p1wwhikn.cloudfront.net *.tinymce.com fonts.gstatic.com 'self' *.bootstrapcdn.com;style-src *.tinymce.com www.google.com d2tnn0p1wwhikn.cloudfront.net *.addthis.com 'self' 'unsafe-inline' cse.google.com *.bootstrapcdn.com *.googleapis.com; frame-src 'self' *.vimeo.com *.facebook.com *.youtube.com *.soundcloud.com *.google.com

Links to (4)

Linked from (2)