merchr.com

.com crawl

First seen 2026-05-21 · Last seen 2026-05-27 · ok HTTP/1.1 200 1005 ms crawled 2026-05-27

FR · 57.128.189.195 · AS16276 OVH SAS

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title

Home - Merchr

Language

en-GB

Generator

Site Kit by Google 1.179.0

Canonical

https://merchr.com/

Feeds

Merchr » Feed RSS
Merchr » Comments Feed RSS

Open Graph

url: https://merchr.com/
title: Home - Merchr
locale: en_GB
site name: Merchr
description: Create and sell your best online merch collection Start Now How It Works Free and easy to set up No need to hold any stock Printed on demand in the UK Dropship straight to your customers Sell online in 3 simple steps 1.Choose Your Merch Select your favourite products from our huge on-demand library 2.Add […]

Technology

Server: Apache
CMS: WordPress
jQuery: 3.7.1

Analytics

Google Tag Manager

Fonts

Font Awesome

Third-party hosts loaded (6)

use.fontawesome.com×3
www.googletagmanager.com×3
js-eu1.hs-scripts.com×2
ct.pinterest.com×1
gmpg.org×1
www.facebook.com×1

Social

Registration

Registrar

123-Reg Limited

Created

2012-11-17

Expires

2026-11-17 168 days left

Updated

2025-11-18

Name servers

ns09.domaincontrol.com
ns10.domaincontrol.com

DNS records live

NS

ns09.domaincontrol.com
ns10.domaincontrol.com

MX

0 merchr-com.mail.protection.outlook.com
32767 ms89774190.msv1.invalid

TXT

mandrill_verify.t1Voq8bHRKP5fJwu_q9yhw

Verified for

Microsoft 365
Pinterest
Postman

Email authentication partial

SPF

v=spf1 +a +mx ip4:57.128.189.195 ip4:77.68.48.165 ip4:77.68.82.249 include:spf.protection.outlook.com include:spf.mandrillapp.com include:25370867.spf10.hubspotemail.net -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

from 2026-05-12 to 2026-08-10

Expires in 69 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked live page: https://merchr.com/

present

permissions-policy

findings

missing HSTS
missing Content Security Policy
missing frame protection
missing content type protection
missing Referrer Policy

Header values

permissions-policy: private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")