indexo.dev

nzsothebysrealty.com

.com crawl

First seen 2026-06-01 · Last seen 2026-06-01 · ok HTTP/1.1 200 2499 ms crawled 2026-06-01

US · 104.26.7.208 · AS13335 Cloudflare, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Houses for Sale in New Zealand | NZ Sotheby’s Realty
Description
Find property for sale or sell with us, New Zealand Sotheby’s Realty. Residential, rural, commercial real estate, new developments and luxury rentals.
Language
en
Canonical
https://www.nzsothebysrealty.com/

Open Graph

url
https://www.nzsothebysrealty.com/
title
New Zealand Sotheby's International Realty
locale
en_US
site name
NZ Sotheby’s Realty
description
Find property for sale or sell with us, New Zealand Sotheby’s Realty. Residential, rural, commercial real estate, new developments and luxury rentals.

Technology

CDN
Cloudflare
CMS
Nuxt
Analytics
  • Google Tag Manager
Fonts
  • Adobe Fonts

Third-party hosts loaded (5)

  • cms.nzsir.com×8
  • cloud.typography.com×1
  • unpkg.com×1
  • use.typekit.net×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
CSC Corporate Domains, Inc.
Created
2010-06-13
Expires
2026-06-13 7 days left
Updated
2025-06-09
Name servers
  • harvey.ns.cloudflare.com
  • zara.ns.cloudflare.com

DNS records live

NS
  • harvey.ns.cloudflare.com
  • zara.ns.cloudflare.com
MX
  • 5 nzsothebysrealty-com.mail.protection.outlook.com
Verified for
  • Google

Email authentication weak

SPF
v=spf1 include:spf.protection.outlook.com include:spf.propertysuite.co.nz -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-04-29 to 2026-07-28
Expires in 53 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.nzsothebysrealty.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; font-src 'self' 'unsafe-inline' data: https://sothebys.test http://cms.southebys.local https://sothebys-admin.test https://localhost:3000 https://fonts.googleapis.com https://fonts.gstatic.com https://use.typekit.net https://nzsothebysrealty.com https://www.nzsothebysrealty.com https://*.hotjar.com https://cdn.livechatinc.com; form-action 'self' https://www.facebook.com; frame-ancestors 'self'; img-src 'self' data: https://sothebys.test http://cms.southebys.local https://sothebys-admin.test https://uat.cms.nzsir.com https://cms.nzsir.com https://bre-directus-uat.azurewebsites.net https://bre-directus-prod.azurewebsites.net https://www.google.co.nz https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://adservice.google.com https://*.hotjar.com https://ad.doubleclick.net *.loopaautomate.com *.loopa.net.au *.adnxs.com *.taboola.com looparesources.azureedge.net https://connect.facebook.net https://www.facebook.com https://img.youtu
strict-transport-security
max-age=31536000
cross-origin-opener-policy
unsafe-none
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin

Links to (5)

Linked from (1)