getlaces.co
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Shopify
- Fonts
-
- Adobe Fonts
Third-party hosts loaded (12)
- cdn.shopify.com×3
- cdn-sf.vitals.app×2
- shop.app×2
- api.config-security.com×1
- appsolve.io×1
- conf.config-security.com×1
- config.gorgias.chat×1
- config.gorgias.help×1
- content.9gtb.com×1
- monorail-edge.shopifysvc.com×1
- static.klaviyo.com×1
- use.typekit.net×1
Social
DNS records live
- NS
-
- ns31.domaincontrol.com
- ns32.domaincontrol.com
- MX
-
Show 6 MX records
- 1 aspmx.l.google.com
- 10 alt3.aspmx.l.google.com
- 10 alt4.aspmx.l.google.com
- 15 jhi47u3yltecpc4qz5biy4gxpy5rlxvcrhfqnzfvvsps5vcnli3a.mx-verification.google.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- TXT
-
klaviyo-site-verification=SxSbuG
Email authentication strong
- SPF
-
v=spf1 include:_spf.google.com include:klaviyo-mail.com include:shops.shopify.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:hello@getlaces.co; ruf=mailto:hello@getlaces.co; pct=100policy: reject (enforced) - DKIM
- no key found at common selectors
Certificate (current)
E7
Expires in 37 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- short HSTS max-age
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;- strict-transport-security
max-age=7889238