indexo.dev

churndog.com

.com crawl

First seen 2026-04-12 · Last seen 2026-05-09 · ok HTTP/1.1 200 5393 ms crawled 2026-05-09

US · 172.67.209.129 · AS13335 Cloudflare, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title
ChurnDog: Recover Lost Revenue & Keep More Customers
Description
Built for B2B SaaS, ChurnDog recovers lost revenue and prevents churn with automated workflows and real-time insights.
Language
en
Canonical
https://churndog.com/pages/marketing

Technology

CDN
Cloudflare
CMS
Next.js
Analytics
  • Google Tag Manager

Third-party hosts loaded (1)

  • www.googletagmanager.com×1

Social

Registration

Registrar
Cloudflare, Inc.
Created
2024-11-04
Expires
2027-11-04 533 days left
Updated
2025-05-16
Name servers
  • santino.ns.cloudflare.com
  • sureena.ns.cloudflare.com

DNS records live

NS
  • santino.ns.cloudflare.com
  • sureena.ns.cloudflare.com
MX
  • 10 in1-smtp.messagingengine.com
  • 20 in2-smtp.messagingengine.com
TXT
  • google-site-verification=kfpZ5Os48RCB1VznYB7hKjebSEYl6wII-DBqhQrKyzk

Email authentication partial

SPF
v=spf1 include:_spf.google.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-04-23 to 2026-07-22
Expires in 64 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://churndog.com/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https: http: 'unsafe-inline' *.intercom.io; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' rsms.me; img-src 'self' blob: data: *.vercel-storage.com flag.vercel.app *.s3.eu-west-2.amazonaws.com images.unsplash.com s3.amazonaws.com *.intercomcdn.com *.intercomassets.com *.facebook.com *.linkedin.com googleads.g.doubleclick.net *.google.com *.google.co.uk *.googleusercontent.com; font-src 'self' rsms.me *.intercomcdn.com; media-src 'self' *.intercomcdn.com; connect-src 'self' *.sentry.io *.linkedin.com *.intercom.io wss://nexus-websocket-a.intercom.io https://api.eu-central-1.aws.tinybird.co; frame-src 'self' *.stripe.com *.doubleclick.net ; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; block-all-mixed-content; upgrade-insecure-requests;

Links to (4)

Linked from (1)