indexo.dev

oncord.com

.com crawl dns

First seen 2026-04-17 · Last seen 2026-05-18 · ok HTTP/1.1 200 4512 ms crawled 2026-05-12

AU · 160.250.72.12 · AS9723 iseek Communications Pty Ltd

Reputation 100/100

Classifying

HTML metadata

Title
Oncord - All-in-one website, ecommerce and marketing platform
Description
Website, email marketing, and ecommerce in one intuitive software platform. Oncord hosted CMS makes it simple.
Language
en
Generator
https://www.oncord.com/
Canonical
https://www.oncord.com/

Open Graph

url
https://www.oncord.com/
title
Oncord - All-in-one website, ecommerce and marketing platform
site name
Oncord
description
Website, email marketing, and ecommerce in one intuitive software platform. Oncord hosted CMS makes it simple.

Technology

Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×1

Social

Registration

Registrar
Key-Systems GmbH
Created
2017-07-31
Expires
2031-07-31 1899 days left
Updated
2025-11-29
Name servers
  • ns1.oncord.com
  • ns2.oncord.com
  • ns3.oncord.com
  • ns4.oncord.com

DNS records live

NS
  • ns1.oncord.com
  • ns2.oncord.com
  • ns3.oncord.com
  • ns4.oncord.com
MX
  • 1 oncord.com
TXT
  • google-site-verification=zslMl1sNqe674RG2OgRb0fdl-b7MUtuD46PogbtWrF0
  • google-site-verification=fL3YJaSxF4kO7mSQVGvGkQQT32gqjaITKnIuLvC39GI

Email authentication strong

SPF
v=spf1 ip4:160.250.72.12 a ip4:119.148.70.244 ip4:209.151.236.227 ip4:78.157.221.27 include:consolespf.tppwholesale.com.au include:helpscoutemail.com -all
strict (-all)
DMARC
v=DMARC1; p=reject
policy: reject (enforced)
DKIM
  • default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD7POiYX5d7hBDzM+7x9OehH1F5Hxo9Z6K75cpAoJJiqFFB/43yfEH9yN7gLDQSqnZSRrvvz3jNjED…
selectors probed

Certificate (current)

E7
from 2026-04-15 to 2026-07-14
Expires in 56 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.oncord.com/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
findings
  • CSP allows unsafe inline scripts/styles
  • missing frame protection
  • missing Permissions Policy
Header values
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
content-security-policy
default-src 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:; frame-ancestors 'self'
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy
same-origin

Links to (4)

Linked from (7)