carlisleccw.com

.com crawl

First seen 2026-04-18 · Last seen 2026-05-12 · ok HTTP/1.1 200 8092 ms crawled 2026-05-12

US · 104.18.0.213 · AS13335 Cloudflare, Inc.

Reputation 100/100

sector b2b services type homepage

HTML metadata

Title: Carlisle Coatings & Waterproofing
Description: CCW is an industry leader in construction building materials for waterproofing, and air & vapor barrier. Waterproofing systems built on solid values.

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Cookie consent

OneTrust

Third-party hosts loaded (5)

ajax.googleapis.com×3
cdn.cookielaw.org×2
www.googletagmanager.com×2
js.hs-scripts.com×1
www.facebook.com×1

Social

Contact

Phone

(800) 527-7092

Registration

Registrar

GoDaddy Corporate Domains, LLC

Created

2011-07-01

Expires

2026-07-01 43 days left

Updated

2025-05-31

Name servers

brenda.ns.cloudflare.com
mario.ns.cloudflare.com

DNS records live

NS

brenda.ns.cloudflare.com
mario.ns.cloudflare.com

MX

1 carlisle-com.mail.protection.outlook.com

TXT

Show 5 TXT records

UUYRoblgjHI7jCyKy1hQDfEo5Bs1hydmSNKH0mJ8VTUZzDn8GJrfOcISGBiy/RjgHyVsLaM2efh5nmdgW4FbxQ==
adobe-idp-site-verification=c4f61c193089a91c705a788d2345d323c48839d29b0e31dad6713bb43321be77
atlassian-domain-verification=4tKwdVCjalaoMFF1afcvaA6JOOhJyqb9An94BsbB2F/zRj4ZhkGzbIAE4J48HluM
dropbox-domain-verification=8cjbr0ljorgn
google-site-verification=mSErjmBCZgfRT9PTMRxzYSFqQLzcqrwoO_DCoAT4kIM

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:118964.spf10.hubspotemail.net ip4:67.228.89.126 ip4:8.43.178.239 ip4:4.15.193.208 ip4:4.15.193.202 ip4:4.15.193.180 include:_spf.salesforce.com -all

strict (-all)

DMARC

v=DMARC1;p=reject;pct=100;rua=mailto:dmarca@carlisle.com

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0K74eu5SpADjfpRdxuOKf/TJqx75zmRHBn9SZ1rs+bgid88MybBCAW5M/msmeMtQLCciuthQ6ZdFoM…

selectors probed

Certificate (current)

WE1

from 2026-05-04 to 2026-08-03

Expires in 76 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.carlisleccw.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(), microphone=(), camera=(), payment=(), usb=(), interest-cohort=(), bluetooth=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.gstatic.com *.doubleclick.net *.facebook.net cdn.jsdelivr.net cdn.rawgit.com *.flowplayer.org *.aspnetcdn.com *.lpsnmedia.net snap.licdn.com js.hs-scripts.com js.hsadspixel.net js.hubspot.com js.hs-banner.com js.hs-analytics.net js.usemessages.com *.liveperson.net cdn.cookielaw.org *.googleapis.com *.googletagmanager.com *.ccmapp.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.rawgit.com cdn.jsdelivr.net *.flowplayer.org *.googleapis.com cdn.cookielaw.org *.ccmapp.com; object-src 'none'; base-uri 'self'; connect-src 'self' *.facebook.com capig.stape.biz *.google-analytics.com *.google.com *.doubleclick.net *.linkedin.com *.hubspot.com api.hubapi.com cdn.cookielaw.org *.onetrust.com *.googletagmanager.com; font-src 'self'; frame-src 'self' *.google.com *.doubleclick.net *.youtube.com ccmportal.microsoftcrmportals.com *.lpsnmedia.net *.facebook.com *.googletagmanager.com; img-src
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin

Links to (10)

Linked from (1)

douglasscolony.com×2