indexo.dev

thecode.org

.org crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 3136 ms crawled 2026-05-18

US · 50.116.51.118 · AS63949 Akamai Connected Cloud

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
We protect children in travel and tourism — The Code
Language
en-US
Generator
Elementor 4.0.8; features: e_font_icon_svg, additional_custom_breakpoints; settings: css_print_method-external, google_font-enabled, font_display-swap
Canonical
https://thecode.org/
Feeds

Open Graph

url
https://thecode.org/
title
We protect children in travel and tourism — The Code
locale
en_US
site name
The Code
description
Join us to end the sexual exploitation of children in travel and tourism Our mission is to provide awareness, tools […]

Technology

Server
nginx
CMS
WordPress
Fonts
  • Google Fonts

Third-party hosts loaded (6)

  • fonts.googleapis.com×3
  • thecode.my.salesforce-sites.com×3
  • fonts.gstatic.com×1
  • gmpg.org×1
  • translate.google.com×1
  • www.google.com×1

Social

Contact

Email
Phone

Registration

Registrar
Name SRS AB
Created
2000-04-03
Expires
2027-04-03 318 days left
Updated
2026-01-12
Name servers
  • anna.ns.cloudflare.com
  • byron.ns.cloudflare.com

DNS records live

NS
  • anna.ns.cloudflare.com
  • byron.ns.cloudflare.com
MX
  • 0 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • brevo-code:8c02e8a37fdb9ac93a7fce11239bfeb8
  • v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com

Email authentication partial

SPF
v=spf1 include:_spf.google.com include:spf.brevo.com include:_spf.salesforce.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com
policy: none (monitoring only)
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu730fUrToSD5QANf7z6i30Z8T6Een5jOYzL6eSpynRfyXXgqPeC5gxrPrnVxot6VLScF8LtIjUFKt5…
selectors probed

Certificate (current)

R13
from 2026-03-23 to 2026-06-21
Expires in 32 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://thecode.org/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")
x-content-type-options
nosniff
content-security-policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
strict-transport-security
max-age=31536000; includeSubdomains

Links to (5)

Linked from (15)