builtmorecontractmfg.com

HTML metadata

Title: Builtmore Contract Manufacturing - A Brand of The Shyft Group
Description: Builtmore Contract Manufacturing offers highly skilled manufacturing, assembly, and quality assurance for OEMs across industries. With an abundance of experience, capacity, and Midwestern work ethic, Builtmore is the first choice for companies in search of manufacturing partner who can deliver.
Language: en-US
Generator: WordPress 6.9.4
Canonical: https://builtmorecontractmfg.com/

Open Graph

url: https://builtmorecontractmfg.com/
title: Builtmore Contract Manufacturing - A Brand of The Shyft Group
locale: en_US
site name: Builtmore Contract Manufacturing
description: Builtmore Contract Manufacturing offers highly skilled manufacturing, assembly, and quality assurance for OEMs across industries. With an abundance of experience, capacity, and Midwestern work ethic, Builtmore is the first choice for companies in search of manufacturing partner who can deliver.

Technology

CDN: Cloudflare
CMS: WordPress

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (5)

fonts.googleapis.com×2
fonts.gstatic.com×1
gmpg.org×1
www.google.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

Cloudflare, Inc.

Created

2020-05-27

Expires

2027-05-27 373 days left

Updated

2026-04-27

Name servers

simon.ns.cloudflare.com
sue.ns.cloudflare.com

DNS records live

NS

simon.ns.cloudflare.com
sue.ns.cloudflare.com

MX

10 mailstream-east.mxrecord.io
10 mailstream-west.mxrecord.io
5 mailstream-central.mxrecord.mx

TXT

MS=ms44343806
pardot107142=3bb9b05567438537dbf116d596345b3537448ca273100beeb80255814115f525
MS=ms29766491

Email authentication partial

SPF

v=spf1 include:aspmx.pardot.com include:spf.protection.outlook.com include:plexonline.com include:spf-us.emailsignatures365.com ip4:72.8.246.139 ip4:166.90.240.82 ip4:12.198.137.34 ip4:99.32.122.169 -all

strict (-all)

DMARC

v=DMARC1;p=none;pct=100;rua=mailto:3fc13486399b4f9c8925252cc4e7bc13@dmarc-reports.cloudflare.net

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8AJH2q5/U/lhZkOAWeDH219BkkBD9IvicQm4rve8NSeEbYl91/JE2jPhcEc8LprULUVc4dZKPSFQT6…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OPCK++8+d+8VhgVYbfh4LxJ9DFzvzbFoagHh2k1v7Q5JGlDw69hT8uM3ROsf/5zX+DCqV1NcYS9SF…

selectors probed

Certificate (current)

WE1

from 2026-03-20 to 2026-06-18

Expires in 30 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://builtmorecontractmfg.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: connect-src 'self' www.google-analytics.com tr.snapchat.com stats.g.doubleclick.net maps.googleapis.com; default-src 'self' www.facebook.com; font-src 'self' fonts.gstatic.com data:; frame-src 'self' www.google.com www.facebook.com theshyftgroup.gcs-web.com www.youtube.com; script-src 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' www.googletagmanager.com googletagmanager.com google.com www.google.com www.gstatic.com www.google-analytics.com static.hotjar.com static.cloudflareinsights.com www.youtube.com connect.facebook.com pi.pardot.com tr.snapchat.com sc-static.net connect.facebook.net script.hotjar.com maps.googleapis.com ajax.googleapis.com cdnjs.cloudflare.com *.cloudflare.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com;
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (4)

Linked from (1)

theshyftgroup.com×1