indexo.dev

roka.com

.com crawl

First seen 2026-04-12 · Last seen 2026-05-12 · ok HTTP/1.1 200 1945 ms crawled 2026-05-04

CA · 23.227.38.32 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
ROKA: Performance Sunglasses, Eyewear & Apparel
Language
en

Technology

CDN
Cloudflare
CMS
Shopify
Analytics
  • Google Tag Manager
  • Hotjar
Third-party hosts loaded (10)
  • cdn.shopify.com×28
  • www.googletagmanager.com×3
  • j.northbeam.io×2
  • static.klaviyo.com×2
  • cdn.kustomerapp.com×1
  • cdn.mgln.ai×1
  • shop.app×1
  • static.hotjar.com×1
  • utt.impactcdn.com×1
  • xp2023-pix.s3.amazonaws.com×1

Social

Contact

Phone

Registration

Registrar
GoDaddy.com, LLC
Created
1995-08-06
Expires
2027-08-05 443 days left
Updated
2022-09-30
Name servers
  • pdns07.domaincontrol.com
  • pdns08.domaincontrol.com

DNS records live

NS
  • pdns07.domaincontrol.com
  • pdns08.domaincontrol.com
MX
  • 10 aspmx.l.google.com
  • 20 alt1.aspmx.l.google.com
  • 30 alt2.aspmx.l.google.com
  • 40 alt3.aspmx.l.google.com
  • 50 alt4.aspmx.l.google.com
TXT
Show 12 TXT records
  • klaviyo-site-verification=WgqJ9L
  • ZOOM_verify_oCU-gZKNRmS9EuXosyJXEQ
  • facebook-domain-verification=zezd8a8dt945r9famop5stkw15zzaw
  • shopify-verification-code=XKGN3XiOjUAzyrinRVPqFca16cmr1M
  • pinterest-site-verification=edfcb23cc1f083af217e8c32c34c81f8
  • google-site-verification=pln_xTMq4f842-0O2ss8I-5m-p3w5b42y-X88cKT_m0
  • google-site-verification=DKnUYqCFJVKupx7V4YVCL7HXQCesF6zxDrTY9SJaWv4
  • klaviyo-site-verification=R7xWqY
  • klaviyo-site-verification=YutE5q
  • v=spf1 include:_spf.google.com include:klaviyomail.com include:mailgun.org include:sendgrid.net include:shops.shopify.com include:sent-via.netsuite.com include:245160532.spf08.hubspotemail.net ~all
  • anthropic-domain-verification-xrffxz=2cPwBJPNpuTsAFSx2URiLxNcN
  • google-site-verification=JLdh-MK24gZIsyE1vskEQ2Z3axDSeSUNN0zvktjDtNY

Certificate (current)

E8
from 2026-05-03 to 2026-08-01
Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.roka.com/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; default-src 'self' https://assets.gorgias.chat https://www.google.com/ 'self' 'nonce-8575e1de37153f58cc6ed657a63e2e5a' https://cdn.shopify.com https://shopify.com; frame-ancestors 'self' *.myshopify.dev cdn.shopify.com shop.app www.google.com; style-src 'self' https://*.myshopify.dev/ https://cdn-widget-assets.yotpo.com/ https://cdn-widgetsrepository.yotpo.com/ staticw2.yotpo.com https://cdn.shopify.com/ https://embed.typeform.com/ https://fonts.googleapis.com/ https://www.googletagmanager.com/ https://img.roka.com/ https://prismic.io/ https://s3.amazonaws.com/ https://shop.app/ https://static.cdn.prismic.io/ https://static.klaviyo.com/ https://static-tracking.klaviyo.com/ cdnjs.cloudflare.com cdn.kustomerapp.com foursixty.com *.smile.io 'self' 'unsafe-inline' https://cdn.shopify.com; connect-src 'self' https://*.analytics.google.com https://*.g.doubleclick.net https://*.google-analytics.com https://google.com https://*.google.com https://*.googletagmanager.com https:/
strict-transport-security
max-age=31536000

Links to (7)

Linked from (2)