rcadia.xyz

.xyz crawl

First seen 2026-04-22 · Last seen 2026-05-13 · ok HTTP/1.1 200 1016 ms crawled 2026-05-16

US · 76.76.21.241 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: RCADIA | The Digital Arcade Revolution
Description: The ultimate gaming arcade where you truly own your achievements. Compete in tournaments, earn real rewards, and own your gaming legacy. No downloads, no hassle—just play.
Language: en

Technology

CDN: Vercel
CMS: Next.js

Social

Registration

Registrar

Namecheap

Created

2024-05-04

Expires

2027-05-04 349 days left

Updated

2026-05-05

Name servers

daniella.ns.cloudflare.com
koa.ns.cloudflare.com

DNS records live

NS

daniella.ns.cloudflare.com
koa.ns.cloudflare.com

MX

1 smtp.google.com
10 mx2-hosting.jellyfish.systems
20 mx3-hosting.jellyfish.systems
5 mx1-hosting.jellyfish.systems

TXT

62ef29f8-ad53-450b-956a-0004d01b348d=2abea5defa00e028c0171f3d4b6b9adf651f23e4f3ff7ec0e30f6271c095f463
google-site-verification=Mim8maNB2M6jjE1GMHv__UkGDWq7Ei1miuqh4qXGnZU

Email authentication weak

SPF

v=spf1 +a +mx +ip4:185.61.153.94 +ip4:10.10.10.12 include:spf.web-hosting.com +ip4:185.61.153.98 ~all

softfail (~all)

DMARC

not published

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8a2MMSUTJTqRU5qdvKNVQzzKUY7u2DaZ7TUYWT24ua5fi62Zqw9izSqrU5w3Pgvb8WOWP3S5EKh04d…

selectors probed

Certificate (current)

R13

from 2026-05-06 to 2026-08-04

Expires in 76 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://rcadia.xyz/

present

strict-transport-security
content-security-policy
x-content-type-options
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy

Header values

permissions-policy: geolocation=(), microphone=(), camera=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' 'unsafe-eval' https://cdn.jsdelivr.net https://va.vercel-scripts.com https://v8.js-dos.com; worker-src 'self' blob:; connect-src 'self' http://localhost:3001 http://localhost:5000 https://api-staging.rcadia.xyz https://api.rcadia.xyz https://*.coingecko.com https://*.coinmarketcap.com https://xumm.app https://*.xumm.app https://xrplcluster.com wss://xrplcluster.com https://api.xrpldata.com https://ipfs.xrp.cafe https://xrp.cafe https://ipfs.io https://cloudflare-ipfs.com https://v8.js-dos.com https://macromachines.xyz ws: wss:; img-src 'self' http://localhost:3001 https://games.rcadia.xyz https://api.rcadia.xyz https://xrplclaw.com https://*.coingecko.com https://*.coinmarketcap.com https://*.cloudflare-ipfs.com https://cloudflare-ipfs.com https://*.githubusercontent.com https://imagedelivery.net https://salmon-cheerful-porcupine-365.mypinata.cloud http://192.168.1.222:10000 http://localhost:10000 https://xumm.app
strict-transport-security: max-age=63072000

Links to (3)

Linked from (1)

abandonwarering.com×2