What is the security status of decima.fund?

decima.fund has a security score of 57/100, rated as Moderate Risk. The website may have security concerns that should be addressed.

Is decima.fund safe to use?

Our security scan shows decima.fund is Moderate Risk. SSL security issues detected. Always practice safe browsing habits.

Does decima.fund have viruses?

Our comprehensive security scan analyzes multiple security factors. Based on the overall security score of 57/100, the website is rated as Moderate Risk. However, websites can change over time, so always use updated security software.

What is decima.fund's trust score?

decima.fund has a security score of 57/100. This score is based on multiple factors including SSL security, security headers, DNS health, and compliance checks.

Is decima.fund Safe? Security Analysis for Decima

https://decima.fund

Check if decima.fund is a scam or legitimate. Free security scan and reviews.

FinanceN/asmall

FramerRoboto fontInter fontKode Mono fontZen Dots font

Analyzed 9/6/2025Completed 7:22:10 PM

Security Score

MEDIUM RISK

AI Summary

Decima is a specialized investment fund focused on providing access to unique opportunities in Japan's crypto market. The website presents a professional and focused business description targeting investors interested in Japan and cryptocurrency assets. The technical infrastructure is built using Framer, leveraging modern web fonts and a responsive design, indicating a moderate level of digital maturity. However, there is a lack of visible security headers, privacy policies, and contact information, which limits the overall security posture and compliance maturity. The absence of WHOIS registrant details due to privacy protection is common in financial sectors but restricts full legitimacy assessment. Overall, the site is functional and professional but requires improvements in security and compliance transparency.

Detected Technologies

FramerRoboto fontInter fontKode Mono fontZen Dots font

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Decima operates in the niche intersection of finance and technology, specifically targeting crypto investments in Japan. Its business model revolves around fund management and providing investors with access to Japan-specific crypto opportunities. The website content is concise and targeted, with no extraneous information. The lack of detailed company information, contact details, and regulatory disclosures suggests a small-sized entity possibly in early stages or maintaining privacy for competitive reasons. The absence of partner or subsidiary domains indicates a standalone operation. The site’s market positioning is niche and specialized, appealing to a focused investor segment.

Security Posture Analysis

Comprehensive Security Assessment

The current security posture of the Decima website is limited based on the available data. There is no evidence of HTTPS enforcement or security headers, which are critical for protecting user data and ensuring secure communications. The absence of privacy and cookie policies, as well as incident response contacts, indicates gaps in compliance with data protection regulations such as GDPR. No vulnerability disclosures or security.txt files are present, reducing transparency for security researchers. While no explicit vulnerabilities or malware are detected, the lack of security best practices and transparency poses a moderate risk to users and the business.

Strategic Recommendations

Priority Actions for Security Improvement

Implement HTTPS with a valid SSL/TLS certificate and enforce secure connections site-wide.

✨Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

Decima

Description:

Decima is a Japan + crypto native fund enabling access to unique Japan opportunities.

Key Services:

Investment fund managementAccess to Japan crypto opportunities

Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:

FramerRoboto fontInter fontKode Mono fontZen Dots font

Frameworks:

Framer

Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

good

Security Assessment

Analytics & Tracking

Tracking Level:minimal

Privacy Compliance:poor

Advertising & Marketing

Transparency Level:poor

Website Quality Assessment

Design Quality:good

User Experience:good

Content Relevance:good

Navigation Clarity:good

Professionalism:good

Trustworthiness:moderate

Key Observations

Website is fully accessible with no blocking or WAF challenge.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

40/100

Score

Missing X-Frame-Options header

HIGH

Prevents clickjacking attacks

Critical sector without clear security compliance

HIGH

Detected sectors: energy, transport, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

70/100

Score

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF

Sender Policy Framework

DKIM

DomainKeys Identified Mail

DMARC

Domain-based Message Authentication

MX Records

Mail Exchange Records

BIMI

Brand Indicators

MTA-STS

Mail Transfer Agent Security

TLS-RPT

TLS Reporting

DNSSEC

DNS Security

SPF Details

Record:

v=spf1 include:dc-aa8e722993._spfm.decima.fund ~all

DNS Lookups:1/10

Policy:~all

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

57/100

Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 61 days

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Partial SSL/TLS Assessment

LOW

Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.3TLSv1.2TLSv1.1

OCSP Status

OCSP Stapling Enabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

75/100

Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

No DMARC Record

MEDIUM

DMARC policy not configured

DNS Records

A Records:35.71.142.77, 52.223.52.2

Name Servers:

ns53.domaincontrol.comDNS only

ns54.domaincontrol.comDNS only

MX Records:

5: alt1.aspmx.l.google.com

5: alt2.aspmx.l.google.com

10: alt3.aspmx.l.google.com

10: alt4.aspmx.l.google.com

SOA:Serial: 2024060300, TTL: 600s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:231ms

SPF Analysis

SPF Record:

v=spf1 include:dc-aa8e722993._spfm.decima.fund ~all

⚡Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100

Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built using Framer, a modern design and prototyping tool, with extensive use of web fonts including Roboto, Inter, Kode Mono, and Zen Dots. The site appears to be responsive and well-structured with good SEO meta tags and Open Graph data for social sharing. However, there is no detected CMS or hosting provider information. Performance is moderate with no obvious errors or broken elements. Accessibility features are basic but present. The technical stack is modern but lacks advanced security and analytics integrations, indicating potential areas for technical enhancement and monitoring.

Analyze Another Website

Is decima.fund a Scam? Security Check Results - Decima Reviews

Is decima.fund Safe? Security Analysis for Decima

AI Summary

Detected Technologies

🧠AI Business Intelligence

Business Intelligence

Security Posture Analysis

Strategic Recommendations

✨Observations

AI-Enhanced Website Analysis

Business Insights

Technical Stack

Security Assessment

Analytics & Tracking

Advertising & Marketing

Website Quality Assessment

Key Observations

🛡️Security Headers

Security Headers

Missing X-Frame-Options header

Missing Content-Security-Policy header

Missing X-XSS-Protection header

Missing Referrer-Policy header

Missing Permissions-Policy header

Sensitive data may be cached

👤GDPR Compliance

GDPR Compliance

No Privacy Policy found

No Cookie Policy found

No Cookie Consent Banner found

GDPR Compliance Analysis

🛡️NIS2 Compliance

NIS2 Compliance

No information security framework found

No vulnerability disclosure policy

No security policy documentation found

No incident response procedures found

No business continuity planning found

No security contact information

No vulnerability reporting mechanism

No NIS2 reference found

Critical sector without clear security compliance

📧Email Security

Email Security

No DKIM record found

No BIMI Record

No MTA-STS Policy

No TLS-RPT Record

SPF Details

🏆SSL/TLS Security

SSL/TLS Security

Weak Protocols Supported

Certificate Transparency Not Implemented

SSL Certificate Expires Within 90 Days

Weak SSL Key Length

Partial SSL/TLS Assessment

Protocol Support

OCSP Status

📊DNS Health

DNS Health

DNSSEC Not Enabled

CAA Records Not Configured

No DMARC Record

DNS Records

DNSSEC Status

DNS Performance

SPF Analysis

⚡Network Security

Network Security

Good Network Security Posture

🔧Technical Analysis

Technical Analysis

Additional Findings