tokoplas.com

.com crawl

First seen 2026-04-22 · Last seen 2026-05-16 · ok HTTP/1.1 200 3943 ms crawled 2026-05-16

ID · 147.139.166.146 · AS45102 Alibaba US Technology Co., Ltd.

Reputation 100/100

sector b2b services type homepage

HTML metadata

Title

Complete & Trusted Online Resin Marketplace

Description

The first, most complete, easy, and trusted online resin/plastic pellets marketplace.

Language

Canonical

https://tokoplas.com

Translations

en-my
id-id

Open Graph

url: https://tokoplas.com
title: Complete & Trusted Online Resin Marketplace
locale: id_ID
site name: tokoplas
description: The first, most complete, easy, and trusted online resin/plastic pellets marketplace.
locale:alternate: en_US

Technology

Server: nginx

Analytics

Google Analytics
Google Tag Manager
Hotjar

Third-party hosts loaded (6)

www.googletagmanager.com×3
static.hotjar.com×2
www.google-analytics.com×2
cdnjs.cloudflare.com×1
maps.googleapis.com×1
tokoplas.my×1

Social

Contact

Email

holidayshello@tokoplas.com

Phone

Registration

Registrar

GoDaddy.com, LLC

Created

2019-01-31

Expires

2027-01-31 256 days left

Updated

2025-02-01

Name servers

vip7.alidns.com
vip8.alidns.com

DNS records live

NS

vip7.alidns.com
vip8.alidns.com

MX

1 smtp.google.com

TXT

Show 6 TXT records

facebook-domain-verification=pgpjcg4nc6fhlh752mw5c7lg1qtglv
facebook-domain-verification=aoiy4yr3buf715fsjw5fzoghfrv3ed
Domain _mta-sts.tokoplas.com.
google-site-verification=mZsXgK66LyDSiflVePVpykBqUSHIRYmq-iI5V4lZd2U
google-site-verification=jrkk3UjuXkrx5LY0qUKB3Dvg2qfKPKrnR8Eox2xiyRA
google-site-verification=8OK_OHD7StQxwfKB6IsbGU4IfGnRqsCUR3KWW2OT2Lo

Email authentication strong

SPF: v=spf1 include:_spf.google.com include:spf.mandrillapp.com ~all
softfail (~all)
DMARC: v=DMARC1; p=quarantine; rua=mailto:devplas@tokoplas.com, mailto:dmarc@tokoplas.com; pct=100; adkim=s; aspf=s
policy: quarantine
DKIM: no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA OV R36

from 2025-06-25 to 2026-07-27

Expires in 68 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://tokoplas.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
weak content type protection

Header values

referrer-policy: no-referrer, no-referrer-when-downgrade
x-frame-options: SAMEORIGIN, SAMEORIGIN
permissions-policy: , geolocation=(), microphone=(), camera=()
x-content-type-options: nosniff, nosniff
content-security-policy: base-uri 'none'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; img-src 'self' data: https: http: blob:; object-src 'self' data: https: http: blob:; script-src-attr 'unsafe-inline'; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; default-src 'self' data: https: http: blob: https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com 'unsafe-inline' https://*.mixpanel.com wss://*.mixpanel.com https://*.pusher.com wss://*.pusher.com; connect-src 'self' https: http: wss: https://*.pusher.com wss://*.pusher.com https://sockjs-mt1.pusher.com; frame-src 'self' data: https: http: blob:;
strict-transport-security: max-age=15552000; includeSubDomains;, max-age=63072000; includeSubDomains; preload

Links to (12)

Linked from (1)

packindo.org×2