~/d/shopify.com

// shopify.com

Live audit across 8 checks. Cached 24h · generated less than a minute ago.

domain_grade

strong

/ 100 · across 8 checks

// points lost on:

spf −5 security headers −5 dnssec −3

[ save & monitor ]

SSL Certificate

[ OK ]

Valid for 83 more days.

Issued by WE1 · 83 days left · TLSv1.3

→ open SSL Certificate tool

DMARC Policy

[ OK ]

Strict DMARC policy enforced. Spoofed mail is rejected.

v=DMARC1; p=reject; pct=100; fo=1; rua=mailto:[email protected];ruf=mailto:[email protected]

→ open DMARC Policy tool

SPF Record

[ WARN ]

Soft fail (~all). Unauthorized senders flagged but not rejected. Consider -all for stronger protection.

3 lookups · all=~all

→ open SPF Record tool

MX Records

[ OK ]

MX configured. Detected provider: Google Workspace.

1 aspmx.l.google.com · 5 alt2.aspmx.l.google.com · 5 alt1.aspmx.l.google.com

→ open MX Records tool

Name Servers

[ OK ]

3 authoritative nameservers

gold.foundationdns.com · gold.foundationdns.net · gold.foundationdns.org

WHOIS

[ OK ]

Valid for 324 more days.

Registrar: MarkMonitor Inc. · expires 2027-03-11

→ open WHOIS tool

Security Headers

[ WARN ]

Below average (33/100) — missing: CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy

Score 33/100

→ open Security Headers tool

DNSSEC

[ WARN ]

No DNSSEC — domain is not signed.

Not signed

→ open DNSSEC tool

[ embed_grade_badge ]

Domain grade: A — strong

markdown (github readme)

[![DomBrains grade](https://dombrains.com/badge/shopify.com/grade.svg)](https://dombrains.com/d/shopify.com)

html (any webpage)

<a href="https://dombrains.com/d/shopify.com"><img src="https://dombrains.com/badge/shopify.com/grade.svg" alt="DomBrains grade: A"></a>

// re-queries our scoring engine · cached 1h at the edge · backlinks to this profile page

[ per_check_badges ]

<img src="https://dombrains.com/badge/shopify.com/ssl">

<img src="https://dombrains.com/badge/shopify.com/dmarc">

<img src="https://dombrains.com/badge/shopify.com/spf">

<img src="https://dombrains.com/badge/shopify.com/mx">

<img src="https://dombrains.com/badge/shopify.com/dnssec">

<img src="https://dombrains.com/badge/shopify.com/security_headers">

// Snapshot freshness: this page is cached 24h. To force a re-scan, run any tool above with the same domain — that always queries live.