indexo.dev

bodycircle.com

.com crawl

First seen 2026-06-01 · Last seen 2026-06-01 · ok HTTP/1.1 200 775 ms crawled 2026-06-02

US · 172.67.73.218 · AS13335 Cloudflare, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title
Home page
Language
en
Canonical
https://bodycircle.com/

Technology

CDN
Cloudflare
CMS
Gatsby
Stack
PHP
Analytics
  • Cloudflare Insights
Fonts
  • Google Fonts

Third-party hosts loaded (2)

  • fonts.googleapis.com×2
  • static.cloudflareinsights.com×1

Social

Registration

Registrar
Network Solutions, LLC
Created
1996-09-25
Expires
2030-09-24 1571 days left
Updated
2026-04-20
Name servers
  • anderson.ns.cloudflare.com
  • mckenzie.ns.cloudflare.com

DNS records live

NS
  • anderson.ns.cloudflare.com
  • mckenzie.ns.cloudflare.com
MX
  • 10 mail.bodycircle.com

Email authentication partial

SPF
v=spf1 +a +mx +ip4:209.126.24.192 include:relay.mailchannels.net include:_spf.google.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • default: v=DKIM1; k=rsa; t=y; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqyF1EBk20trqAl+oVwS yU014wQFCAPv9hfSNC3zwkvL0BE747ie/ARfKQFXdY5m6Cjy2sUM…
selectors probed

Certificate (current)

E7
from 2026-04-20 to 2026-07-19
Expires in 43 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://bodycircle.com/

present
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • missing Content Security Policy
  • weak frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-content-type-options
nosniff
content-security-policy-report-only
worker-src blob:; font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com *.kxcdn.com *.fontawesome.com https://www.gstatic.com https://fonts.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardin

Links to (2)

Linked from (1)

Use this data via API

Everything on this page for bodycircle.com is available as JSON from the indexo.dev REST & MCP API.

curl "https://indexo.dev/api/v1/domains/bodycircle.com" \
  -H "X-API-Key: idx_..."

Read the docs & get a free key →