roofstock.com
HTML metadata
Technology
- CMS
- Drupal
Third-party hosts loaded (2)
- images.ctfassets.net×8
- roofstock-cdn4.azureedge.net×2
Social
Contact
Registration
- Registrar
- CSC Corporate Domains, Inc.
- Created
- 2006-01-07
- Expires
- 2027-01-07 232 days left
- Updated
- 2026-01-03
- Name servers
-
- dns1.cscdns.net
- dns2.cscdns.net
DNS records live
- NS
-
- dns1.cscdns.net
- dns2.cscdns.net
- MX
-
- 1 aspmx.l.google.com
- 10 aspmx2.googlemail.com
- 10 aspmx3.googlemail.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- TXT
-
Show 31 TXT records
logmein-verification-code=48e4ad20-e02b-4bb0-ae3c-98ecbaf520c5hibp-verify=dweb_k4g1vqaaufkecnmhgix6ajv1knowbe4-site-verification=a7b7baf368206f5d685041660a4c76e3atlassian-domain-verification=NlpP4vLUR5RKzqUFiAyIS3kNVNKrhlZcQbPNAnJp1sPxVKIME78gEgv3/kDaA1xTMS=ms90237181anthropic-domain-verification-bg17rq=9F8gZTkzirVbXXGmMfOx4XEPazapier-domain-verification-challenge=3ad3f384-b08c-43fe-b5e0-a706102218fbsegment-site-verification=RdFET6jEi2iQGiwMR1hoSuVkNYfr7ovWgoogle-site-verification=W62L7FCt4iZobI6lAvZs4UwcZK-zFgShEX3zA4sYIDEadobe-idp-site-verification=3f1fc87d4d9156a62901dacb683e14157fd5b7a23a9ee325b5e064b10530a669ZOOM_verify_tn7Uz4PdRM-R91dwwgWpQA16A26868630ed1fe018aa452fbb7133f43d6a56bf56b6b536f84notion-domain-verification=RRoIto8Z4qoGIQWTUYDNb5VLL6TMpsFxqopTNVI2kECatlassian-domain-verification=15s1xNVitAoOyYbTuS/WFeS1TH5qjpodcGFZ8UHXz1WdQrZqQ0OwOyA0xp3kUI69l4vt2inu6np9esl83gl9d5s50dgoogle-site-verification=yRlaR2i5nXkBVbBvaBDF0skJXVJYVgcBNeR11-KVz-4sophos-domain-verification=16ecb5b8af042d90d75f554f3586bf10e18b842ddb24ca3a9f0a7e9e9705b744atlassian-domain-verification=tEhkWx2tcI7R9qSClQViMve15pnUSfk5mQH0V4bRfbt7CDWiZCcUtHLeJJzYBF04google-site-verification=HFc89EH8l-X3PofJwwNctD4yX_-Y3EfmFmiGxyP7W10ducusign=83268ec7-ca63-43be-bd34-a0769e2a5736jamf-site-verification=u6RDa-uBVnxdlR716IeQAAdropbox-domain-verification=h4nm0h9wpbjotipalti._domainkey.roofstock.comv=DKIM1;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUejllw7R9wJvQ8Lo CS5LwXo3xq+ReQWBUMQvktXNmX43LZyDQr0H9dHKuoFsDHwo0nZJk3JAJs610H9dQF+SZyeVL0Pv5Jiq3dSLs/+tyxIBCou20Gy/7b+y6gUvqvMbZWM/fFHfpZgh/3E0vHJXGob/3XxqcW2BtIgxVSf+HTwIDAQABapple-domain-verification=c3ZBUhLOqDDAJ9RZslack-domain-verification=3Cz02qdEixOwR1P6oROjXdiYr3Aig5TPipMZpaCXmixpanel-domain-verify=a5ef975c-a298-4ebb-85fa-96e1d926be9ahubspot-domain-verification=YzExZWQ4ODYtYmFiMi00ZDM1LTliN2YtYzQxMTUyNzY4YTFhE7741CA45B00D41000000fTgn=1TBUL00000002Jbgoogle-site-verification=J5z4yPWWRVDycewDK1PWxF030nhIbe3TkFW84UeKv1o
Email authentication strong
- SPF
-
v=spf1 include:_spf.salesforce.com include:amazonses.com include:spf.mandrillapp.com include:spf.protection.outlook.com include:_spf.google.com include:2608901.spf10.hubspotemail.net ip4:52.73.203.75 ip4:44.193.121.189 ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none; rua=mailto:6986e85a@mxtoolbox.dmarc-report.com,mailto:wv7yufj3@ag.us.dmarcian.com,mailto:spoofing@roofstock.com; ruf=mailto:6986e85a@forensics.dmarc-report.com;policy: none (monitoring only) - DKIM
-
Show 6 DKIM selectors
- google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslEM2kWbeIM+abVpufS05d9m/EcUL7CmUjcU2PayeabdXcOpxBt/1tsK/AYYP+Q0mRJiMBi++E9xd0… - selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYfK2gGcza6HAaiZofKGAZAHcXop9Cc3zU27nIM9vADq/Xo5djRIQu5LbZOJFDwV99AB+bQ/yDAxEkQq8aAf… - k1:
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1gU64wM331J2x42nJ5l0VWV9mz2yyXOQwlgqvQ5eOkANWTV43m7GSCUU9MBBKHDpm6+8o9nY+5vm506tZ… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8tvSmzHnj/KkHIVAuonmai05ZFiat3Js8GETYTxg0Pfb3773i53A56TIx89vrodwSgVPFTQFqQ1Tg/KOpQM6YlC… - smtpapi:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…
selectors probed - google:
Certificate (current)
Go Daddy Secure Certificate Authority - G2
Expires in 199 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-content-type-options
nosniff- content-security-policy
upgrade-insecure-requests; default-src 'self'; base-uri 'self'; font-src 'self' https:; img-src 'self' https: data:; media-src https:; object-src 'none'; style-src 'self' 'unsafe-inline' https:; connect-src 'self' *.clarity.ms r.lrkt-in.com api.segment.io cdn.segment.com vimeo.com www.google.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com; frame-src 'self' roofstock.formstack.com player.vimeo.com https://www.googletagmanager.com; script-src 'self' 'unsafe-hashes' 'unsafe-eval' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https://cdn.segment.com/ https://bat.bing.com/ https://*.clarity.ms https://*.googletagmanager.com https://cdn.lrkt-in.com https://connect.facebook.com https://connect.facebook.net/;- strict-transport-security
max-age=10886400; includeSubDomains; preload
Links to (6)
- azureedge.net×2
- google.com×2
- linkedin.com×2
- mynd.co×2
- rentprep.com×2
- stessa.com×2