indexo.dev

kooth.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-15 · ok HTTP/1.1 200 1031 ms crawled 2026-05-06

US · 104.18.5.76 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Language
en

Technology

CDN
Cloudflare

Registration

Registrar
Amazon Registrar, Inc.
Created
2003-06-19
Expires
2026-06-19 31 days left
Updated
2025-05-15
Name servers
  • kirk.ns.cloudflare.com
  • laura.ns.cloudflare.com

DNS records live

NS
  • kirk.ns.cloudflare.com
  • laura.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 20 TXT records
  • rippling-domain-verification=cd4a4fb3cad2f972
  • segment-site-verification=bxqDQb3rZSymdSMbORwxjwvcpZwGIbkc
  • google-site-verification=tAad4D9q_QRjj76kGE89-kHkrG10tqvkGMBeTaDBmq4
  • apple-domain-verification=Dck80LqtGj7v8pxu
  • miro-verification=7c20f58cb91d9d36a24bdbbdc500b2ec8951a3ee
  • ZOOM_verify_wHpJVDSOTcCoU3Yzhors0w
  • facebook-domain-verification=dq7myf4tkle9nm0nm1ss64k5bebjbd
  • google-site-verification=GV8AbeX76WyFJSM3OmtU11qis-hmnBPrmXXIqGLvZUM
  • atlassian-sending-domain-verification=dc13dbb3-38f1-4973-9418-fe020669682e
  • sending_domain1106031=d4a84971b24a9ad3da210bac1d78da3205c1b6709ad064804dc07f606ba7664e
  • airtable-verification=8899cfd0ad01cf47054ce4f9dee4bb6d
  • google-site-verification=L8-51TOtI9Pg5CSYxLwW4CygzJsDbncNBDFZzyjtfW8
  • MS=ms74433435
  • slack-domain-verification=p9X8h21d4Mco2CHrXQs8WAOTO1HvBBwjUqwNiRf4
  • jamf-site-verification=pWNtzWQ3eIn8_vc09m8M-Q
  • miro-verification=fc7dbcad273db6739a5f2142a0c2cb12980266e0
  • mixpanel-domain-verify=0a188bec-54d0-4b7c-9098-a984f48dea52
  • anthropic-domain-verification-sbp5f3=PUY5DO6RiEssgnJfvJOsdwsr3
  • canva-site-verification=DY8s7Ovsn33jZwPnjovOkg
  • monday-com-verification=5D46nLg0-ItsKMfvWm7kORmPiMIpp5kdMDxMweKMlvE

Email authentication strong

SPF
v=spf1 include:_u.kooth.com._spf.smart.ondmarc.com ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; pct=100; sp=none; rua=mailto:314bffc5@inbox.ondmarc.com; ruf=mailto:314bffc5@inbox.ondmarc.com; adkim=r; aspf=r; fo=0; rf=afrf; ri=3600
policy: reject (enforced) · sp=none
DKIM
Show 4 DKIM selectors
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhuBNjgnwh/7VDX6BgIJ349I9n5rvIzi/XBL9QkeOwRNwNH3MHtQZlnLDHXly5W+wvQh9AI75C/zZX…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf+uYw+fYBQGsbUmg5k6A552F2eusiK2ytptcLQY45mrLh7pgQzNpyr1YBLwbMAjHDLJQek3xcBAgpa0pC…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkdB53C3fStFpuP36H/MH9BLzfUTxV65y8ANRCs/AI8sWSY+S4Q/nDmtPhYL1aUHpw2tMKOuTjEOxwHW3pcmzMmz…
selectors probed

Certificate (current)

WE1
from 2026-04-17 to 2026-07-16
Expires in 58 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.kooth.com/

present
  • strict-transport-security
  • content-security-policy
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com wss://*.twilio.com *.snapchat.com media.twiliocdn.com flex-api.twilio.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com www.googletagmanager.com *.doubleclick.net connect.facebook.net sc-static.net *.snapchat.com media.twiliocdn.com flex-api.twilio.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com https://demo-serenity.koothapi.com https://serenity.koothapi.com ws
strict-transport-security
max-age=15552000
content-security-policy-report-only
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com wss://*.twilio.com *.snapchat.com media.twiliocdn.com flex-api.twilio.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com www.googletagmanager.com *.doubleclick.net connect.facebook.net sc-static.net *.snapchat.com media.twiliocdn.com flex-api.twilio.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com https://next-serenity.koothapi.com wss://*.xenzonegroup.com wss://*

Linked from (6)