indexo.dev

hospitalitysupplyonline.com

.com crawl

First seen 2026-05-16 · Last seen 2026-05-16 · ok HTTP/1.1 200 6048 ms crawled 2026-05-20

US · 108.61.149.34 · AS20473 The Constant Company, LLC

Reputation 87/100 weak security headers no dmarc policy

Classifying

HTML metadata

Title
Hospitality Supply Inc. | Ft. Collins, Colorado Restaurant Supply Store
Description
Our Ft. Collins, Colorado based restaurant supply store offers a wide range of commercial kitchen equipment. Buy restaurant equipment and from Hospitality Supply Inc. online or in stores today
Language
en
Canonical
https://hospitalitysupplyonline.com/

Open Graph

url
https://hospitalitysupplyonline.com/
title
Hospitality Supply Online
locale
en_US
description
Opening a new restaurant? We can be your restaurant source and help you with design, set up, and menu integration while we save you money at the same time!

Technology

Server
nginx
CMS
Gatsby
Stack
PHP
Analytics
  • Google Tag Manager
Ads
  • Criteo
  • Xandr
Fonts
  • Google Fonts

Third-party hosts loaded (6)

  • dynamic.criteo.com×1
  • fonts.googleapis.com×1
  • ib.adnxs.com×1
  • maxcdn.bootstrapcdn.com×1
  • www.facebook.com×1
  • www.googletagmanager.com×1

Social

Contact

Email
Phone

Registration

Registrar
GoDaddy.com, LLC
Created
2005-02-10
Expires
2027-02-10 264 days left
Updated
2026-02-11
Name servers
  • ns33.domaincontrol.com
  • ns34.domaincontrol.com

DNS records live

NS
  • ns33.domaincontrol.com
  • ns34.domaincontrol.com
MX
  • 10 mx1-us1.ppe-hosted.com
  • 20 mx2-us1.ppe-hosted.com
TXT
  • NETORGFT7929677.onmicrosoft.com
Verified for
  • Google

Email authentication weak

SPF
v=spf1 a:dispatch-us.ppe-hosted.com include:secureserver.net -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-04-20 to 2026-07-19
Expires in 59 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://hospitalitysupplyonline.com/

present
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • missing Content Security Policy
  • weak frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-content-type-options
nosniff
content-security-policy-report-only
font-src *.fontawesome.com *.gstatic.com/ *.bootstrapcdn.com/ https://analytics.google.com/ https://www.googletagmanager.com/ data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.googleapis.com/ *.gstatic.com/ https://analytics.google.com/ https://www.googletagmanager.com/ 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcom

Links to (4)

Linked from (1)