hrparts.com

HTML metadata

Title: H&R Construction Equipment Parts | New, Used & Rebuilt Heavy Equipment Parts
Description: H&R Construction Equipment Parts carries new, used, and rebuilt parts for heavy equipment from Caterpillar, Komatsu, Volvo, John Deere, and more.
Language: en

Technology

CMS: Gatsby

Analytics

Google Tag Manager

Fonts

Google Fonts

Social widgets

YouTube Embed

Third-party hosts loaded (6)

www.googletagmanager.com×2
cdn.datatables.net×1
fonts.googleapis.com×1
rum.hlx.page×1
static.klaviyo.com×1
www.youtube.com×1

Social

Contact

Phone

1-800-333-0650

Address

20 Milburn St, 14212, Buffalo - New York, United States

Registration

Registrar

GoDaddy.com, LLC

Created

1996-09-20

Expires

2028-09-19 854 days left

Updated

2024-09-04

Name servers

lia.ns.cloudflare.com
tony.ns.cloudflare.com

DNS records live

NS

lia.ns.cloudflare.com
tony.ns.cloudflare.com

MX

10 mxa-009c6f01.gslb.pphosted.com
10 mxb-009c6f01.gslb.pphosted.com

TXT

Show 8 TXT records

facebook-domain-verification=1zmiqy4tpkevipkjcftbz5wnqbbrwz
google-site-verification=l3k5oq0qt_6w7qbZG1zTeWsdf_NqPoH1RTIKkTM3y1A
klaviyo-site-verification=VcaRf9
MS=9EBE33BEE068989915499160DC019A8196CEEA6B
MS=ms27202921
MS=ms43524528
apple-domain-verification=fXZHgrxabjvsxzY2
duo_sso_verification=FpndLVDjJlJ5AZoBL0uCHLG3xPZiCUBCCUvEmiWRDIvxuBH3P1cMD8S5K3DHAaAx

Email authentication strong

SPF

v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com include:spf-009c6f01.pphosted.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com;

policy: reject (enforced)

DKIM

Show 4 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTIXUThnZLKErY8+22NWL7P0EDnVBWNzW0BK/vBoG/ijeNgbaqp0ps3vS3EzmqerCe95d4w6t/Z8Y7…
dkim: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJ1ib48N3xX9kMZBtl38h666nbqHDsjyzY6/n0WhCF6Lm5KmovcSB/LyFpvzprT6DrSZt1LAayfOUUixBlSy…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYZqLCFkStJfvkMkcmqoEIiwP0y5S/WwboiKNDLzJ01pPyLlqGPyYxRcsr2X/1dL4qCleQLPmkqXqeDKnk…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDA7bWRbi0ZkU/KvaUl46U1lwr6J6TZVPfEcQ/W21QZbIyEKSns4QJkgnMCrHU4guzbidDpbxaFPu0RSUgZUZqL91…

selectors probed

Certificate (current)

R12

from 2026-03-24 to 2026-06-22

Expires in 35 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://www.hrparts.com/

present

content-security-policy-report-only
x-frame-options
x-content-type-options

findings

missing HSTS
missing Content Security Policy
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy-report-only: font-src fonts.gstatic.com use.typekit.net https://www.gstatic.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.yotpo.com *.googleapis.com *.gstatic.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.cybersource.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * *.facebook.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com c

Links to (12)

Linked from (2)

tractorpartsasap.com×1
partsasap.com×1