indexo.dev

lefkada-travel.com

.com crawl

First seen 2026-04-17 · Last seen 2026-05-15 · ok HTTP/1.1 200 6313 ms crawled 2026-05-12

US · 13.248.140.34 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Luxury Villa Rentals South Lefkada | Sivota Bay Vacation Homes
Description
Lefkada Travel offers handpicked luxury villas in South Lefkada and Sivota Bay. Private infinity pools, sea access, and stunning views. Weekly rentals managed by local experts since 2000. Book direct for best rates
Language
en
Canonical
https://www.lefkada-travel.com/

Technology

Analytics
  • Google Tag Manager
Fonts
  • Google Fonts
Third-party hosts loaded (10)
  • d6644ef6a12fcfb82f3f-5d6761b1e7eae8e264ad220502fbb6f0.ssl.cf5.rackcdn.com×5
  • res-4.cloudinary.com×4
  • res-3.cloudinary.com×2
  • res-5.cloudinary.com×2
  • www.googletagmanager.com×2
  • cdn.bookingsync.io×1
  • code.jquery.com×1
  • fonts.googleapis.com×1
  • maps.googleapis.com×1
  • netdna.bootstrapcdn.com×1

Social

Contact

Phone

Registration

Registrar
Gandi SAS
Created
2008-10-14
Expires
2026-10-14 145 days left
Updated
2025-07-16
Name servers
  • ns-104-a.gandi.net
  • ns-26-c.gandi.net
  • ns-86-b.gandi.net

DNS records live

NS
  • ns-104-a.gandi.net
  • ns-26-c.gandi.net
  • ns-86-b.gandi.net
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com

Email authentication partial

SPF
v=spf1 include:_mailcust.gandi.net include:sendersrv.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-04-02 to 2026-07-01
Expires in 41 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.lefkada-travel.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing content type protection
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
sameorigin
permissions-policy
camera=(), geolocation=()
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; connect-src *; font-src * data:; frame-ancestors 'self' www.bookingsync.com *.bookingsync.com *.smily.com; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline' blob:; worker-src * blob:
strict-transport-security
max-age=31536000; includeSubDomains

Links to (5)

Linked from (2)