indexo.dev

schuff.com

.com crawl

First seen 2026-04-22 · Last seen 2026-05-16 · ok HTTP/1.1 200 3255 ms crawled 2026-05-16

US · 162.159.134.42 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Home - Schuff Steel
Description
By interconnecting our experience with the design process, we dramatically reduce risk from schematic through to operations to influence safety, budget and schedule.
Language
en-US
Generator
WordPress 6.9.4
Canonical
https://www.schuff.com/
Feeds

Open Graph

url
https://www.schuff.com/
title
Home - Schuff Steel
locale
en_US
site name
Schuff Steel
description
.no-cssanimations .rw-wrapper .rw-sentence span:first-child{ opacity: 1; } Preconstruction Fabrication Modularization Construction Evolved We help you navigate the challenges of construction to safely and successfully build the most complex structures in North America. Trusted by

Technology

CDN
Cloudflare
CMS
WordPress
Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • a.omappapi.com×1
  • px.ads.linkedin.com×1
  • www.facebook.com×1
  • www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar
GoDaddy.com, LLC
Created
1995-12-19
Expires
2026-05-24 5 days left
Updated
2025-05-25
Name servers
  • ns03.domaincontrol.com
  • ns04.domaincontrol.com

DNS records live

NS
  • ns03.domaincontrol.com
  • ns04.domaincontrol.com
MX
  • 10 us-smtp-inbound-1.mimecast.com
  • 20 us-smtp-inbound-2.mimecast.com
TXT
Show 8 TXT records
  • MS=ms15213364
  • dropbox-domain-verification=2pb5t9s6pkqb
  • google-site-verification=vqZYVAasaq1LD7bcmMbh_amlnluXMo7bAVKvV0DURVw
  • nVS6e+ere5sutlXOZ+k6NVoAlW5kp1UobGjgalD4bImENjeJOZVb8oFA7qyuZd0FPwrZvf6p6GOWybhMGXe7CA==
  • dropbox-domain-verification=lmxikzk448fx
  • ca3-6f028a83a3074c0294d4bb4851d81624
  • smartsheet-site-validation=U4TQiMP2g_E9EfpBi0Qmz__cDtIxLMFk
  • sophos-domain-verification=d4198f2222e8cb8c966363b8f6a739619c0661f0

Email authentication strong

SPF
v=spf1 mx ip4:72.44.224.240 include:us._netblocks.mimecast.com include:spf.protection.outlook.com include:spf.emailsignatures365.com -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:DBMGlobal.DMARC@dbmglobal.com; ruf=mailto:DBMGlobal.DMARC@dbmglobal.com; fo=1; pct=100
policy: quarantine
DKIM
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

WE1
from 2026-04-29 to 2026-07-28
Expires in 70 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.schuff.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
permissions-policy
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), gamepad=(), serial=()
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self';block-all-mixed-content;default-src 'self';script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*.schuff.com/meet-dbm-global/:3 *.hotjar.com/api/ https://www.youtube.com https://www.youtube.com/iframe_api https://m.youtube.com https://googleads.g.doubleclick.net https://*.googletagservices.com https://*.googlesyndication.com https://*.googleadservices.com https://*.doubleclick.net https://*.list-manage.com https://*.google.com https://a.omappapi.com https://content.linkedin.com https://connect.facebook.net https://chimpstatic.com https://downloads.mailchimp.com https://google-analytics.com https://graph.facebook.com https://googletagmanager.com https://js.facebook.com https://maps.googleapis.com https://platform.linkedin.com https://ssl.google-analytics.com https://static-exp1.licdn.com https://snap.licdn.com https://script.crazyegg.com https://script.hotjar.com https://static.hotjar.com https://use.typekit.net https:
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy
unsafe-none
cross-origin-embedder-policy
unsafe-none; report-to='default'
cross-origin-resource-policy
cross-origin

Links to (4)

Linked from (2)