indexo.dev

decraroofasia.com

.com crawl

First seen 2026-04-20 · Last seen 2026-05-14 · ok HTTP/1.1 200 6900 ms crawled 2026-05-14

AU · 20.37.196.201 · AS8075 Microsoft Corporation

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Decra - Asia's Leading Steel Tile Roofing
Description
Innovative steel roofing systems designed and manufactured in NZ for the world
Language
en
Canonical
https://www.decraroofasia.com/

Open Graph

url
https://www.decraroofasia.com/
title
Decra - Asia's Leading Steel Tile Roofing
site name
Decra Asia
description
Innovative steel roofing systems designed and manufactured in NZ for the world

Technology

Analytics
  • Google Tag Manager
Fonts
  • Adobe Fonts

Third-party hosts loaded (2)

  • use.typekit.net×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
PDR Ltd. d/b/a PublicDomainRegistry.com
Created
2022-02-03
Expires
2027-02-03 259 days left
Updated
2026-02-05
Name servers
  • ariella.ns.cloudflare.com
  • peter.ns.cloudflare.com

DNS records live

NS
  • ariella.ns.cloudflare.com
  • peter.ns.cloudflare.com
MX
  • 10 _dc-mx.202959c3fcd1.decraroofasia.com
TXT
  • google-site-verification=sWo5fJ7x5K6jmJ7xUiWBsN9DQ7U8Chtu2kYHG69SM_8

Email authentication weak

SPF
v=spf1 a mx ip4:94.75.202.204 ~all
softfail (~all)
DMARC
not published
DKIM
  • default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxmWTZSzqi9ItmbgP1Z4qILyXSM9MD2UmBD1Gs7z5VPvXXffPBqJkaXj+0V3YTitDg/W+Lse0iGV/E…
selectors probed

Certificate (current)

GeoTrust TLS RSA CA G1
from 2026-02-18 to 2026-08-19
Expires in 91 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.decraroofasia.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=(), geolocation=(self), microphone=(), payment=(), usb=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://googletagmanager.com https://tagmanager.google.com https://*.googletagmanager.com https://www.google-analytics.com https://js.hsforms.net https://sdks.shopifycdn.com https://ajax.googleapis.com https://www.google.com https://www.gstatic.com https://js-ap1.hsforms.net https://consent.cookiebot.com https://consentcdn.cookiebot.com https://*.hubspot.com https://google.com https://recaptcha.net https://*.clarity.ms; style-src 'self' 'unsafe-inline' https://googletagmanager.com https://*.googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; img-src 'self' data: https://fonts.gstatic.com https://dashboard.umbraco.org https://dashboard.umbraco.com https://img.youtube.com https://googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com https://*.google-analytics.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (3)

Linked from (1)