indexo.dev

ofza.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-05 · ok HTTP/1.1 200 2224 ms crawled 2026-05-07

US · 104.20.38.44 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Buy & Sell Bitcoin, Ethereum in the GCC Securely | OFZA
Description
Join us now to securely buy and sell Bitcoin, Ethereum, and other cryptocurrencies in the GCC with OFZA
Language
en
Canonical
https://ofza.com/en
Translations
  • en

Open Graph

url
https://ofza.com/en
title
Buy & Sell Bitcoin, Ethereum in the GCC Securely | OFZA
site name
OFZA
description
Join us now to securely buy and sell Bitcoin, Ethereum, and other cryptocurrencies in the GCC with OFZA

Technology

CDN
Cloudflare
CMS
Next.js
Analytics
  • Cloudflare Insights
  • Google Tag Manager
Cookie consent
  • Cookiebot

Third-party hosts loaded (5)

  • www.googletagmanager.com×2
  • consent.cookiebot.com×1
  • px.ads.linkedin.com×1
  • static.cloudflareinsights.com×1
  • www.facebook.com×1

Social

Registration

Registrar
GoDaddy.com, LLC
Created
2006-01-31
Expires
2028-01-31 620 days left
Updated
2026-01-02
Name servers
  • grant.ns.cloudflare.com
  • harleigh.ns.cloudflare.com

DNS records live

NS
  • grant.ns.cloudflare.com
  • harleigh.ns.cloudflare.com
MX
  • 0 ofza-com.mail.protection.outlook.com
TXT
  • linkedin-site-verification=1fec735e-62c7-4f29-9566-177a3a523683
Verified for
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:mailgun.org include:sendgrid.net -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:908a47c69c094891aaeb0de36736129a@dmarc-reports.cloudflare.net,mailto:dmarc@ofza.com; ruf=mailto:dmarc@ofza.com; fo=0:1:d:s
policy: reject (enforced)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cdwP+otLMpig1Wy8p/+f6dcegt0S0NOGtKjLGMDMOO/J6h9iWbn9+jTrfYNXtMQ+XfUMgDQBgRdY4…
selectors probed

Certificate (current)

WE1
from 2026-04-15 to 2026-07-14
Expires in 54 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://ofza.com/en

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=(self "https://api.sumsub.com" "https://app.saber.money" "https://onramp.money" "https://widget.paybis.com"), microphone=(self), geolocation=(self), browsing-topics=()
x-content-type-options
nosniff
content-security-policy
default-src 'self';script-src 'self' https://*.clarity.ms https://www.gstatic.com https://*.linkedin.com https://www.google.com/recaptcha/enterprise.js https://www.google.com/recaptcha https://*.zendesk.com https://static.zdassets.com https://assets.production.linktr.ee https://form.typeform.com https://static.geetest.com https://snap.licdn.com https://*.hotjar.com http://gcaptcha4.geetest.com http://gcaptcha4.gsensebot.com https://analytics.twitter.com https://t.co https://connect.facebook.net http://gcaptcha4.geetest.com http://gcaptcha4.gsensebot.com https://static.ads-twitter.com http://static.ads-twitter.com https://static.ads-twitter.com http://gcaptcha4.geevisit.com http://static.geetest.com http://static.geevisit.com http://dn-staticdown.qbox.me https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-inline' 'unsafe-eval';connect-src 'self' https://*.clarity.ms https://*.ofza.com wss://*.ofza.com wss://*.firebaseio.com wss://*.zendesk.com https://ofza.zendesk.
strict-transport-security
max-age=15552000; includeSubDomains; preload
cross-origin-opener-policy
same-origin

Links to (4)

Linked from (1)