heraclea.co
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Shopify
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (9)
- cdn.shopify.com×2
- shop.app×2
- static.klaviyo.com×2
- api.config-security.com×1
- cdn-static.okendo.io×1
- conf.config-security.com×1
- fonts.shopifycdn.com×1
- monorail-edge.shopifysvc.com×1
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- ns-cloud-a1.googledomains.com
- ns-cloud-a2.googledomains.com
- ns-cloud-a3.googledomains.com
- ns-cloud-a4.googledomains.com
- MX
-
- 1 aspmx.l.google.com
- 10 alt3.aspmx.l.google.com
- 10 alt4.aspmx.l.google.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- TXT
-
klaviyo-site-verification=QPqvmM
Email authentication partial
- SPF
-
v=spf1 include:_spf.heraclea_co._d.easydmarc.pro ~allsoftfail (~all) - DMARC
-
v=DMARC1;p=none;rua=mailto:db29cd8de5@rua.easydmarc.eu,mailto:1dd3f5c7@inbox.ondmarc.com;ruf=mailto:db29cd8de5@ruf.easydmarc.eu,mailto:1dd3f5c7@inbox.ondmarc.com;ri=3600;fo=1;policy: none (monitoring only) - DKIM
-
- google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsABec92jOrsWHySmjhuY8H6LuFCz7DuNu1UNn3OrDEPAaWosFwIIH4aeRapHD6piT2wnl2sKNSnEW7…
selectors probed - google:
Certificate (current)
E7
Expires in 55 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- short HSTS max-age
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;- strict-transport-security
max-age=7889238