winsted.com

.com crawl

First seen 2026-04-20 · Last seen 2026-05-16 · ok HTTP/1.1 200 2088 ms crawled 2026-05-14

US · 162.159.140.127 · AS13335 Cloudflare, Inc.

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title: Control Room Consoles & Mission Critical Furniture | Global Leader Since 1963 | Winsted
Language: en-us
Canonical: https://www.winsted.com/

Open Graph

url: https://www.winsted.com/
title: Control Room Consoles & Mission Critical Furniture | Global Leader Since 1963 | Winsted
site name: Winsted

Technology

CDN: Cloudflare

Social widgets

YouTube Embed

Third-party hosts loaded (1)

www.youtube.com×1

Social

Contact

Email

Phone

Registration

Registrar

1API GmbH

Created

1996-01-07

Expires

2027-01-06 232 days left

Updated

2026-05-12

Name servers

ns1.dnsimple-edge.com
ns2.dnsimple-edge.net
ns3.dnsimple-edge.io
ns4.dnsimple-edge.org

DNS records live

NS

ns1.dnsimple-edge.com
ns2.dnsimple-edge.net
ns3.dnsimple-edge.io
ns4.dnsimple-edge.org

MX

10 mx1-us1.ppe-hosted.com
20 mx2-us1.ppe-hosted.com

TXT

Show 5 TXT records

apple-domain-verification=48Gh8dOARWSl2gAa
google-site-verification=vO31YmBe-XKujz-VfFFQLynvXH4nSYgprxtveM5ig50
ppe-1f6424cb6868c7be0f8b
MS=ms72069734
anthropic-domain-verification-v2n7gd=QdSiFwynUQRyfsTrRZJS8T8nB

Email authentication strong

SPF

v=spf1 a mx a:dispatch-us.ppe-hosted.com include:spf.protection.outlook.com ip4:24.181.30.66 ip4:45.79.50.91 ip4:45.79.59.72 ip4:34.138.130.51 ip4:50.145.164.254/30 include:customers.clickdimensions.com include:amazonses.com include:_spf.messagegears.net -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:08ba63a0@mxtoolbox.dmarc-report.com; ruf=mailto:08ba63a0@forensics.dmarc-report.com

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc3MynDxXb0XHh363RREDcIlWSTIW46yYlIO4/MLP055FAgJmyXr0O62NggiSNQSm0B2EDvZpYt+BW…

selectors probed

Certificate (current)

WE1

from 2026-04-30 to 2026-07-30

Expires in 72 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.winsted.com/

present

content-security-policy

findings

missing HSTS
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: base-uri 'self'; connect-src 'self' *.analytics.google.com analytics.google.com *.google-analytics.com *.googletagmanager.com stats.g.doubleclick.net www.google.com maps.googleapis.com www.googleadservices.com *.linkedin.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; default-src 'none'; font-src 'self' data: https://script.hotjar.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' www.google.com player.vimeo.com www.youtube.com www.googletagmanager.com td.doubleclick.net ; img-src 'self' data: www.google.com maps.gstatic.com *.googleapis.com *.ggpht.com www.winsted.com *.googletagmanager.com ssl.gstatic.com www.gstatic.com *.google-analytics.com googleads.g.doubleclick.net pagead2.googlesyndication.com www.googleadservices.com *.linkedin.com *.lfeeder.com https://static.hotjar.com https://script.hotjar.com https://survey-images.hotjar.com; manifest-src 'self'; media-src 'self'; object-sr

Links to (3)

Linked from (2)

d-matters.com×2
3dot-tech.com×1