javascriptobfuscator.com

.com crawl

First seen 2026-04-21 · Last seen 2026-05-17 · ok HTTP/1.1 200 913 ms crawled 2026-05-14

US · 104.21.2.167 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: JavaScript Obfuscator - Protect JavaScript for Modern Release Workflows
Description: JavaScript protection for modern release workflows. Try the online obfuscator, keep source local with the desktop app, or wire the hosted API and npm CLI into CI. Since 2004.
Language: en
Canonical: <%= Request.Url.GetLeftPart(UriPartial.Path) %>

Open Graph

url: <%= Request.Url.GetLeftPart(UriPartial.Path) %>
title: JavaScript Obfuscator - Protect JavaScript for Modern Release Workflows
site name: JavaScript Obfuscator
description: JavaScript protection for modern release workflows. Try the online obfuscator, keep source local with the desktop app, or wire the hosted API and npm CLI into CI. Since 2004.

Technology

CDN: Cloudflare

Fonts

Google Fonts

Third-party hosts loaded (2)

fonts.googleapis.com×2
fonts.gstatic.com×1

Contact

Address: 201 Consumers Rd, M2J 4G8, North York, ON, CA

Registration

Registrar

GoDaddy.com, LLC

Created

2004-09-24

Expires

2026-09-24 127 days left

Updated

2025-09-24

Name servers

lady.ns.cloudflare.com
rick.ns.cloudflare.com

DNS records live

NS

lady.ns.cloudflare.com
rick.ns.cloudflare.com

MX

10 mail.javascriptobfuscator.com

TXT

google-site-verification=UP1nfitTB3UHlKcn9797ocJzTPCl3EBEVz_XqN2K9v8

Email authentication strong

SPF: v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC: v=DMARC1;p=quarantine;pct=25;rua=mailto:support@javascriptobfuscator.com
policy: quarantine · pct=25
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-03-24 to 2026-06-22

Expires in 34 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://javascriptobfuscator.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: camera=(), microphone=(), geolocation=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; img-src 'self' data: https:; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://checkout.stripe.com https://www.paypal.com https://www.paypalobjects.com https://mylivechat.com https://www.mylivechat.com https://static.cloudflareinsights.com; connect-src 'self' https: https://static.cloudflareinsights.com https://cloudflareinsights.com; frame-src 'self' https://js.stripe.com https://checkout.stripe.com https://www.paypal.com https://www.sandbox.paypal.com https://mylivechat.com https://www.mylivechat.com; form-action 'self' https://www.paypal.com https://www.sandbox.paypal.com https://checkout.stripe.com
strict-transport-security: max-age=31536000; includeSubDomains