indexo.dev

upneeq.com

.com crawl

First seen 2026-05-02 · Last seen 2026-05-02 · ok HTTP/1.1 200 2002 ms crawled 2026-05-08

CA · 23.227.38.65 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Upneeq® | FDA-Approved Eye Drops for Low-Lying Eyelids
Description
Upneeq is the first and only FDA-approved prescription eye drop for acquired blepharoptosis (low-lying eyelids). Proven results from one daily drop.
Language
en

Technology

CDN
Cloudflare
CMS
Shopify
Analytics
  • Google Tag Manager

Third-party hosts loaded (3)

  • cdn.shopify.com×40
  • shop.app×1
  • www.googletagmanager.com×1

Registration

Registrar
GoDaddy.com, LLC
Created
2020-01-27
Expires
2031-01-27 1713 days left
Updated
2026-01-28
Name servers
  • ns1-02.azure-dns.com
  • ns2-02.azure-dns.net
  • ns3-02.azure-dns.org
  • ns4-02.azure-dns.info

DNS records live

NS
  • ns1-02.azure-dns.com
  • ns2-02.azure-dns.net
  • ns3-02.azure-dns.org
  • ns4-02.azure-dns.info
MX
  • 0 upneeq-com.mail.protection.outlook.com
TXT
  • google-site-verification=1x6BcomFs1sBznjNGyV_xg19JDlHP1_OV18udnwBhfM
  • MS=ms65484463
  • sfpw6g1k3p1zr1dbyc4j6l1hbj8n93jh

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com include:50598214.spf08.hubspotemail.net -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU8Mz2rHI4epatvfj0AllE4DFI0bjlI3SpzCj/nJtjoo037eceQDmUVjl0blbuOfJGYg0Js3E6fG0QLN5z…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0b2G9J+OepQV/sP3ifWOwdj34wnQK+PHVS9NPTD9YaFnKfean4y/FVSvfn3IRZ1ILJ0yiqPEKvl+xArnvz…
selectors probed

Certificate (current)

E8
from 2026-04-10 to 2026-07-09
Expires in 51 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.upneeq.com/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
base-uri 'self'; default-src https://*.intercomcdn.com https://*.doubleclick.net https://*.pinterest.com https://*.facebook.com https://*.facebook.net https://*.google.com https://*.googleadservices.com https://*.googlesyndication.com https://*.g.doubleclick.net https://*.stackadapt.com https://*.tiktok.com https://*.tiktokcdn.com https://*.tiktokv.com https://*.pinimg.com https://*.fbcdn.net https://*.intercom.io https://*.intercomcdn.com https://*.intercomassets.com 'self' 'nonce-6c783886eba78c9b2ad32558e0ed65e2' https://cdn.shopify.com https://shopify.com; frame-ancestors 'none'; style-src 'self' 'unsafe-inline' https://cdn.shopify.com https://fonts.googleapis.com http://localhost:* https://tags.srv.stackadapt.com https://*.google-analytics.com https://*.googletagmanager.com https://*.facebook.com https://*.doubleclick.net https://*.pinterest.com https://*.tiktok.com https://*.intercom.io https://*.intercomcdn.com https://*.stackadapt.com https://*.google.com https://*.googleadservi
strict-transport-security
max-age=31536000

Linked from (1)