zurb.com

HTML metadata

Title: ZURB - Product Design Company
Description: ZURB is a product design company that helps organizations design better experiences through research-driven design strategy, interaction design, and branding.
Language: en
Canonical: https://zurb.com

Open Graph

url: https://zurb.com
title: ZURB
site name: ZURB
description: ZURB is a product design company that helps businesses create better experiences through research-driven design strategy, interaction design, and branding.

Technology

CDN: Cloudflare

Social

Contact

Email

getstarted@zurb.com

Registration

Registrar

Tucows Domains Inc.

Created

1999-06-11

Expires

2028-01-18 609 days left

Updated

2020-03-09

Name servers

josh.ns.cloudflare.com
zara.ns.cloudflare.com

DNS records live

NS

josh.ns.cloudflare.com
zara.ns.cloudflare.com

MX

Show 7 MX records

10 aspmx.l.google.com
20 alt1.aspmx.l.google.com
20 alt2.aspmx.l.google.com
30 aspmx2.googlemail.com
30 aspmx3.googlemail.com
30 aspmx4.googlemail.com
30 aspmx5.googlemail.com

TXT

nbsagh8lforn0r7rdtablroviq
google-site-verification=vXuKw5H-rDQjuGm5JrupCZA3W0eNY1uiHAZbvPAGOQc

Email authentication strong

SPF

v=spf1 include:_spf.google.com include:sendgrid.net include:cmail1.com include:amazonses.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:54f0c85414044861a674cb7461f03db4@dmarc-reports.cloudflare.net,mailto:security@zurb.com; ruf=mailto:security@zurb.com; fo=1

policy: quarantine

DKIM

Show 4 DKIM selectors

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZdagip5gIoI7x8t9hLmQMQn4ZMNPLSuAM/oPsCSrCN0XmdnhW6aTlvlpRoogCZEdCWs1pKa/L+ac4…
mail: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDF3Ijv/lVnLa+/OZkVqi9VgXUFhe6I0mFAkfIaeKxzWT6bDt6YRDLelr8KOL//X5mRrdCpcLIsbgakH3yPsLKNh9…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9CUkwMve7UnjheEKWQkyJubwXAV9aEluqtoVXAjLD8YcTc49Fghg8YW563IAYPt26RWHFI1MJ/5H4FMPN…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvlAmf3zC2UbyWxetLMoP8LLRbaFhNTAcxiEGyA15jPblg/DwfNLdKpxt9BNogRBMPFbiEWK3fOPlLbg4shq4UoV…

selectors probed

Certificate (current)

E7

from 2026-03-23 to 2026-06-21

Expires in 33 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://zurb.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak content type protection
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff, nosniff
content-security-policy: style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css; img-src 'self' https://i0.wp.com https://helio.app https://notableapp.com https://*.zurb.com https://*.gravatar.com https://*.cloudfront.net https://zurb-dot-com-prod.s3.amazonaws.com https://www.google-analytics.com https://c0.froala.com https://fast.wistia.com https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net blob: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.intercomcdn.com https://widget.intercom.io https://js-agent.newrelic.com https://*.honeybadger.io https://*.cloudfront.net https://*.kissmetrics.com https://www.googletagmanager.com https://code.jquery.com https://dhbhdrzi4tiry.cloudfront.net/cdn/sites/foundation.js https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 https://www.google-analytics.com/analytics.js https://helio-embed.zurb.com:443/ https://helio-embed-staging.zurb.com/
strict-transport-security: max-age=31536000; includeSubDomains

Links to (2)

helio.app×4
linkedin.com×4