indexo.dev

supermouth.com

.com crawl

First seen 2026-05-29 · Last seen 2026-05-29 · ok HTTP/1.1 200 293 ms crawled 2026-05-31

CA · 23.227.38.65 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
SuperMouth
Description
SuperMouth is a revolutionary oral care system that is designed to help you achieve a brighter, healthier smile. Our products are designed to be easy to use and effective, so you can get the results you want without the hassle.
Language
en

Open Graph

title
SuperMouth
description
SuperMouth is a revolutionary oral care system that is designed to help you achieve a brighter, healthier smile. Our products are designed to be easy to use and effective, so you can get the results you want without the hassle.

Technology

CDN
Cloudflare
CMS
Shopify
Analytics
  • Google Tag Manager
Third-party hosts loaded (7)
  • cdn.shopify.com×89
  • supermouthcdn.blob.core.windows.net×20
  • pics.io×3
  • www.googletagmanager.com×2
  • script.crazyegg.com×1
  • shop.app×1
  • www.facebook.com×1

Social

Registration

Registrar
GoDaddy.com, LLC
Created
2004-02-22
Expires
2027-02-22 261 days left
Updated
2022-11-17
Name servers
  • pdns11.domaincontrol.com
  • pdns12.domaincontrol.com

DNS records live

NS
  • pdns11.domaincontrol.com
  • pdns12.domaincontrol.com
MX
  • 0 supermouth-com.mail.protection.outlook.com
TXT
  • v=verifydomain MS=4289963
  • klaviyo-site-verification=QZaRKU
  • hubspot-developer-verification=M2U3NTJlM2YtY2IxOS00NmM5LWJiODctYWNhMjQ2MTgwYTRi
Verified for
  • Atlassian
  • Google
  • Meta
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com include:mail.zendesk.com -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

E7
from 2026-04-28 to 2026-07-27
Expires in 52 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://supermouth.com/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; default-src 'self' 'nonce-b406aae4e91251686810d500f9df29a0' https://cdn.shopify.com https://shopify.com; frame-ancestors 'none'; style-src 'self' 'unsafe-inline' https://cdn.shopify.com; connect-src 'self' https://www.google-analytics.com https://cdn.shopify.com https://cdn.supermouth.com https://a.klaviyo.com https://supermouth-api-dev.azurewebsites.net https://supermouth-api-prod.azurewebsites.net wss://quiet-terrapin-internally.ngrok-free.app:* https://www.googletagmanager.com https://www.facebook.com https://connect.facebook.net https://analytics.google.com https://api.reviews.io https://stats.g.doubleclick.net script.crazyegg.com tracking.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com *.crazyegg.com 44.238.122.172 100.20.58.101 35.85.84.151 44.228.85.26 34.215.155.61 35.160.46.251 52.71.121.170 18.210.229.244 44.212.189.233 3.212.39.155 52.22.50.55 54.156.2.105 https://google.com https://www.google.com *.wistia.com *.wistia.net *.akamai
strict-transport-security
max-age=31536000

Links to (8)

Linked from (1)