indexo.dev

craftycabal.com

.com crawl

First seen 2026-04-17 · Last seen 2026-05-12 · ok HTTP/1.1 200 4207 ms crawled 2026-05-12

AU · 103.27.34.116 · AS45638 SYNERGY WHOLESALE PTY LTD

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
The Crafty Cabal — The club for Australian beer lovers
Description
Cabalistas get to enjoy special offers at the country's best breweries and venues, entry into awesome monthly draws, invites to exclusive events and more.
Language
en
Canonical
https://craftycabal.com/

Open Graph

url
https://craftycabal.com/
title
The club for Australian beer lovers
site name
The Crafty Cabal
description
Cabalistas get to enjoy special offers at the country's best breweries and venues, entry into awesome monthly draws, invites to exclusive events and more.

Technology

Server
LiteSpeed
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (5)

  • craftypint.s3.amazonaws.com×29
  • fonts.googleapis.com×1
  • js.braintreegateway.com×1
  • s3-ap-southeast-2.amazonaws.com×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
GoDaddy.com, LLC
Created
2015-03-12
Expires
2027-03-12 295 days left
Updated
2025-03-14
Name servers
  • ns1.syd1.hostingplatform.net.au
  • ns2.syd1.hostingplatform.net.au

DNS records live

NS
  • ns1.syd1.hostingplatform.net.au
  • ns2.syd1.hostingplatform.net.au
MX
  • 0 craftycabal.com

Email authentication weak

SPF
v=spf1 ip4:103.27.34.116 ip4:223.130.27.39 +a +mx +include:spf.hostedmail.net.au include:spf.hostingplatform.net.au ~all
softfail (~all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-03-30 to 2026-06-28
Expires in 39 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://craftycabal.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
permissions-policy
geolocation=(self), microphone=(), camera=(), fullscreen=(self), payment=()
x-content-type-options
nosniff
content-security-policy
default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' https: *;style-src 'self' 'unsafe-inline' https: *;img-src 'self' https: data:;font-src 'self' https: data:;connect-src 'self' https: *;frame-src 'self' https: *;media-src 'self' https:;object-src 'none';base-uri 'self';form-action 'self' https:;upgrade-insecure-requests;block-all-mixed-content;
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (8)

Linked from (2)