co2us.com

.com crawl

First seen 2026-04-20 · Last seen 2026-05-10 · ok HTTP/1.1 200 1882 ms crawled 2026-05-19

US · 104.21.44.238 · AS13335 Cloudflare, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Co2us
Language: en
Generator: nopCommerce

Technology

CDN: Cloudflare

Fonts

Google Fonts

Third-party hosts loaded (2)

fonts.googleapis.com×1
www.footballwidgets.com×1

Registration

Registrar

GoDaddy.com, LLC

Created

2013-02-19

Expires

2027-02-19 274 days left

Updated

2026-02-20

Name servers

greg.ns.cloudflare.com
noor.ns.cloudflare.com

DNS records live

NS

greg.ns.cloudflare.com
noor.ns.cloudflare.com

MX

0 smtp.secureserver.net
10 mailstore1.secureserver.net

TXT

blhuinh59q6lcn5r3jj59jasto

Verified for

Google

Email authentication weak

SPF: not published
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-05-03 to 2026-08-01

Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://co2us.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN, SAMEORIGIN
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';https://*.vimeo.com;https://*.vimeocdn.com
strict-transport-security: max-age=31536000; includeSubDomains

Links to (2)

nop-templates.com×1
nopcommerce.com×1

Linked from (1)

theblogstatus.com×2