incidecoder.com

.com crawl

First seen 2026-05-02 · Last seen 2026-05-02 · ok HTTP/1.1 200 552 ms crawled 2026-05-08

US · 216.239.34.21 · AS15169 Google LLC

Reputation 89/100 weak security headers dmarc monitor-only

sector beauty type homepage

HTML metadata

Title: INCIDecoder - Decode your skincare ingredients
Description: Decode skincare ingredients fast with our science-based but easy-to-understand explanations. Analyze ingredient lists at a press of a button.
Language: en

Technology

Server: Google

Analytics

Google Analytics
Google Tag Manager

Ads

Meta Pixel

Third-party hosts loaded (8)

incidecoder-assets.storage.googleapis.com×24
incidecoder-content.storage.googleapis.com×8
www.facebook.com×2
connect.facebook.net×1
www.google-analytics.com×1
www.google.com×1
www.googletagmanager.com×1
www.gstatic.com×1

Social

Registration

Registrar

DotRoll Kft.

Created

2015-07-24

Expires

2026-07-24 66 days left

Updated

2023-07-19

Name servers

ns1.dotroll.com
ns2.dotroll.com

DNS records live

NS

ns1.dotroll.com
ns2.dotroll.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

google-site-verification=CHyR6NgvD_5jkIo5QZyrZGb8knXN0S5j5JIigubgGLY
google-site-verification=6SCYN0ip2KV93LbNKv_qFZbwl2q_x3Ksj1fjHIhqapk

Email authentication weak

SPF

not published

DMARC

v=DMARC1; p=none; rua=mailto:judit@incidecoder.com

policy: none (monitoring only)

DKIM

k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NtUNaH79zthJLzP0LMs0PKhAbL3h+OzNYPsRd2PQmvW6c8fuAX4gLKLxsDyu7UgpyKV8QEe7K3WBHwJds…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClFymr2FD+yZz1zG++pJz4FLAOPi2QS0kwwVPqAIWUWsjzqj/Gwq+APVKv6tmGgNjMRZSoMRUiWmlxynVpvE6hLD…

selectors probed

Certificate (current)

WR3

from 2026-05-02 to 2026-07-31

Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://incidecoder.com/

present

content-security-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: frame-ancestors 'none'; script-src https://incidecoder-assets.storage.googleapis.com 'nonce-u4SxRBbeGg7mf_IDqImsoXQYWpaGa8rTv6RICa5h_qY' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net https://www.google.com https://www.gstatic.com https://www.instagram.com ; style-src https://incidecoder-assets.storage.googleapis.com 'unsafe-inline'; font-src https://incidecoder-assets.storage.googleapis.com https://fonts.gstatic.com; manifest-src https://incidecoder-assets.storage.googleapis.com; img-src https://connect.facebook.net https://www.facebook.com https://www.gstatic.com https://incidecoder-assets.storage.googleapis.com https://incidecoder-content.storage.googleapis.com https://www.google-analytics.com https://incidecoder-magic.storage.googleapis.com blob: ; frame-src https://www.instagram.com https://www.google.com; connect-src 'self' https://incidecoder-content.storage.googleapis.com https://www.google-analytics.com https://www.googletag

Links to (5)

Linked from (1)

mytrendyblends.com×1