borboleta.com

.com crawl

First seen 2026-06-01 · Last seen 2026-06-02 · ok HTTP/1.1 200 1114 ms crawled 2026-06-02

CA · 23.227.38.65 · AS13335 Cloudflare, Inc.

Reputation 86/100 spf without fallback dmarc monitor-only

Classifying

HTML metadata

Title: Borboleta | Lash Serum & Lash Care
Description: Dreaming of lush lashes? Say 'hello' to our premier lash loving lineup, featuring our bestselling, clinically tested, cruelty-free lash serum.
Language: en
Canonical: https://borboleta.com/

Open Graph

url: https://borboleta.com/
title: Borboleta | Lash Serum & Lash Care
site name: Borboleta
description: Dreaming of lush lashes? Say 'hello' to our premier lash loving lineup, featuring our bestselling, clinically tested, cruelty-free lash serum.

Technology

CDN: Cloudflare
CMS: Shopify
jQuery: 3.5.1

Analytics

Google Tag Manager

Fonts

Adobe Fonts

Third-party hosts loaded (18)

cdn.shopify.com×9
cdnjs.cloudflare.com×3
monorail-edge.shopifysvc.com×2
mreq.github.io×2
ajax.googleapis.com×1
api.config-security.com×1
api.judge.me×1
c.albss.com×1
cdn.506.io×1
cdn.judge.me×1
cdn1.judge.me×1
code.jquery.com×1
conf.config-security.com×1
fonts.shopify.com×1
static.klaviyo.com×1
use.typekit.net×1
www.googletagmanager.com×1
www.klaviyo.com×1

Social

Registration

Registrar

Amazon Registrar, Inc.

Created

2002-09-08

Expires

2026-09-08 96 days left

Updated

2026-05-13

Name servers

ns-1266.awsdns-30.org
ns-1678.awsdns-17.co.uk
ns-235.awsdns-29.com
ns-732.awsdns-27.net

DNS records live

NS

ns-1266.awsdns-30.org
ns-1678.awsdns-17.co.uk
ns-235.awsdns-29.com
ns-732.awsdns-27.net

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

klaviyo-site-verification=Ur8qT9
asv_domain=de4d22eee4ca37baa7c6363bec7af593
klaviyo-site-verification=JtGAqM

Verified for

Google
Microsoft 365

Email authentication weak

SPF

v=spf1 redirect=borboleta.com.hosted.spf-report.com

missing all

DMARC

v=DMARC1; p=none; rua=mailto:79928f9d@mxtoolbox.dmarc-report.com; ruf=mailto:79928f9d@forensics.dmarc-report.com; fo=1

policy: none (monitoring only)

DKIM

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNF3cBdfe/UrSMkQJamVSdwwHuq1mGZWYlXA1d503Vvhlt8Jqr0DzLv5EYe6Ml2S/AXGUVgYQa7Qf/gG+72…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4w6eQpkTmhsfp38/LSv37t/lCm7DK+x1LBf6X74IYaKDfsPXRCQysrPmyEt9tOGZi9lPCNN3n+B1uUM4jF…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AVEC4/+vILMoJ54zYflkyJa9RtDOOyXXYE0PVzZL+X48Pj31eXkRWfpLd+jqh1sYAz3xdrcc6XrKmxfKr…

selectors probed

Certificate (current)

YE2

from 2026-05-29 to 2026-08-27

Expires in 85 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://borboleta.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

short HSTS max-age
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
strict-transport-security: max-age=7889238

Links to (8)

Linked from (2)

borboletapro.com×1
thrivekzoo.com×1