indexo.dev

pfcandleco.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 491 ms crawled 2026-05-18

CA · 23.227.38.32 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
USA-Made Home Fragrance | P. F. Candle Co.
Description
P.F. Candle Co. is a handmade fragrance goods company, owned and operated by wife and husband team Kristen Pumphrey & Thomas Neuberger. Explore our line of scented soy candles, reed diffusers, incense, and so much more all made in the USA.
Language
en
Canonical
https://pfcandleco.com/

Open Graph

url
https://pfcandleco.com/
title
USA-Made Home Fragrance | P. F. Candle Co.
site name
P. F. Candle Co.
description
P.F. Candle Co. is a handmade fragrance goods company, owned and operated by wife and husband team Kristen Pumphrey & Thomas Neuberger. Explore our line of scented soy candles, reed diffusers, incense, and so much more all made in the USA.

Technology

CDN
Cloudflare
CMS
Shopify
Third-party hosts loaded (10)
  • cdn.shopify.com×5
  • polaris.truevaultcdn.com×2
  • shop.app×2
  • backinstock.useamp.com×1
  • cdn.attn.tv×1
  • cdn1.stamped.io×1
  • fonts.shopifycdn.com×1
  • monorail-edge.shopifysvc.com×1
  • pfcandleco.attn.tv×1
  • static.klaviyo.com×1

Social

Contact

Phone

Registration

Registrar
GoDaddy.com, LLC
Created
2013-01-02
Expires
2027-01-02 226 days left
Updated
2026-01-03
Name servers
  • ns37.domaincontrol.com
  • ns38.domaincontrol.com

DNS records live

NS
  • ns37.domaincontrol.com
  • ns38.domaincontrol.com
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • klaviyo-site-verification=J4xDJx
  • D7409464
  • klaviyo-site-verification=PNSuQr
Verified for
  • Google
  • Meta

Email authentication partial

SPF
v=spf1 include:mailgun.org include:_spf.google.com include:shops.shopify.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:info@pfcandleco.com; ruf=mailto:info@pfcandleco.com; sp=none;
policy: none (monitoring only) · sp=none
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMnYyvS6ixfwrXiwwAFkE8+uvm5799V4zNb0RU8+FIRVnDbsmBxmENYjSK9TqdBMqZU2lv5Yl0uPAK…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2H7I4QyPJLDb4VCzzcV8mYxAKOCm9MrQz4graCnyXvGrVw0w6MrxefVB3MtNoU/T9VCyaNcdsNQCbmSCRz…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWLiEiPtEitla+4jor54Ye+kOrIrgnzgTqbBYrvXQJKDk94qaXN7d4WFMTPLVhKIlRP29DLzI+4TXmeQJO…
selectors probed

Certificate (current)

E7
from 2026-03-30 to 2026-06-28
Expires in 39 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://pfcandleco.com/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • short HSTS max-age
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; frame-ancestors *; upgrade-insecure-requests;
strict-transport-security
max-age=7889238

Links to (6)

Linked from (1)