henry.com

HTML metadata

Title: Henry Home
Description: .
Canonical: https://www.henry.com/

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Cookie consent

OneTrust

Third-party hosts loaded (6)

dam.carlisle.com×9
cdn.cookielaw.org×2
www.googletagmanager.com×2
js.hs-scripts.com×1
js.hsforms.net×1
www.facebook.com×1

Social

Registration

Registrar

GoDaddy Corporate Domains, LLC

Created

1994-08-11

Expires

2026-08-10 83 days left

Updated

2025-07-11

Name servers

gabriella.ns.cloudflare.com
javon.ns.cloudflare.com

DNS records live

NS

gabriella.ns.cloudflare.com
javon.ns.cloudflare.com

MX

0 carlisle-com.mail.protection.outlook.com

TXT

Show 11 TXT records

i0dj2kma24j4p316f7eu8f3mle
adobe-idp-site-verification=c4f61c193089a91c705a788d2345d323c48839d29b0e31dad6713bb43321be77
teamviewer-sso-verification=105567c14fdc4b89be0cd05d112e6410
knowbe4-site-verification=aca3e0b3b65321b12d876e46610edcbc
anthropic-domain-verification-htvyvx=ErUNWGCrz9fWM1nfd3Qefk10F
google-site-verification=2C8emXvP3GYgjuOvL70AooFyUGdeJ_j_1G-wlxlRDAg
facebook-domain-verification=pxp6l9ae7nmqefr2kqniu8f8sf2tce
OMbpRZKtrmlXVUANlzgB8n7qfygEUQPS7kP1+IdKFHJSXsG1WkA0RsSG9A22T/MIlGvt9pb7Ji4CZCKnR+RHCA==
wrike-verification=MzcyNDQwNTozZDFkOWIwNjAwNDY3YjE0YTBlODQzYWU4N2I5YTkzNzI0YzMyNmE2N2M4NjJlZmQyNzMzYzk1MWQ1MjNiZGY1
pardot659813=2e554cc1c5c2c63403181e68ca0a5aab4302bb282899c15f9b9c7a7e95d0cef1
google-site-verification=DH56djoHZggNpuqEORgvp7ZhMs9MCfl-BbvhQQmgVCM

Email authentication strong

SPF

v=spf1 include:spf.protection.outlook.com include:_spf.salesforce.com ip4:12.138.47.82 ip4:12.4.37.114 ip4:98.97.59.239 ip4:98.97.56.22 ip4:98.97.61.11 ip4:4.15.161.42 ip4:12.22.4.130 ip4:12.22.4.135 ip4:173.212.161.145 ip4:72.138.153.198 ip4:76.80.4.239 ip4:104.166.12.121 ip4:172.99.63.114 ip4:208.254.134.7 ip4:76.80.4.253 ip4:199.219.128.44/30 ip4:173.12.54.112/30 ip4:208.254.134.14 ip4:50.254.66.89 ip4:65.115.50.67 include:118964.spf10.hubspotemail.net -all

strict (-all)

DMARC

v=DMARC1;p=reject;pct=100;rua=mailto:dmarca@carlisle.com; ruf=mailto:dmarcf@carlisle.com

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzK+PJG69aiENsyHc35jcSJqi81kpQTkisYoEO88V7lshL6udUckNJm6C+8R6SmC3vl+BGujcsZYBb2…

selectors probed

Certificate (current)

WE1

from 2026-05-06 to 2026-08-04

Expires in 77 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.henry.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),camera=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; base-uri 'self'; connect-src 'self' https://*.henry.com https://*.carlislehvac.com https://*.carlislebuildingsolutions.com https://*.dxcloud.episerver.net https://*.clarity.ms https://*.mktoresp.com https://*.visualstudio.com https://*.facebook.com https://cdn.cookielaw.org https://*.googletagmanager.com https://*.google.com https://google.com https://*.doubleclick.net https://*.onetrust.com https://*.googleapis.com https://*.hsforms.com https://*.hubspot.com https://*.hubapi.com https://hubspot-forms-static-embed.s3.amazonaws.com https://*.cloudfront.net https://static.hsappstatic.net https://*.acsbapp.com https://acsbapp.com https://*.google-analytics.com https://*.doubleclick.net https://px.ads.linkedin.com https://*.stape.biz https://insight.adsrvr.org https://*.ecs.us-east-1.on.aws https://*.us-central1.run.app https://js.monitor.azure.com https://*.applicationinsights.azure.com; font-src 'self' data: https://*.henry.com https://*.carlislehvac.com https://*.car
strict-transport-security: max-age=31536000