Hathi Masala

Hathi Masala: Trusted Indian brand crafting high-quality spices via cold grinding. Shop spices online. Free delivery on orders over ₹600!

hathimasala.com · Added June 16, 2026 · Last analysed June 16, 2026 · via · 71% unique tagline

Own this Launch?

StackScope is a free public catalogue of indie launches. We find launches on Product Hunt, Hacker News and similar feeds, then crawl each site to detect its tech stack and score it for launch readiness: DNS, security headers, SEO basics. This page is what we saw on 16 June 2026; the live site may have changed since.

Hathi Masala scores well across the board, with complete legal pages, a thorough launch checklist, and clean crawl signals. Main gaps: missing Referrer-Policy and Permissions-Policy and incomplete email security.

Launched on Product Hunt on June 16, 2026. The site is hosted on Cloudflare in Canada, with a domain registered in 2013. Our crawler found 28 technologies on this site, covering advertising, ecommerce, package cdn, and payments. The stack includes jQuery, Shiprocket, and Shopify.

Notably, it's one of only 6 launches we've crawled running Shiprocket and more locked down than the typical Product Hunt launch.

If you own this site, refresh the snapshot and see the full fix list any time →

9.1

StackScope Score

Excellent

100/100 Launch Readiness

Launch ready

4/6 Security Headers

Decent

3/3 Legal

Complete

2/2 Web Standards

Complete

70/100 Performance

Fast

Vibe Score 0 · No AI signals

Informational pattern-match signal. Does not feed the StackScope Score. See which fingerprints fired →

Tech Stack (28)

Infrastructure

CDN	Cloudflare
DNS	GoDaddy DNS
Protocol	HTTP/3
Security	HSTS

Business email	Microsoft 365 (3)

Build & Framework

Build tool	Vite
CSS framework	Tailwind CSS
Font	Google Fonts
Framework	jQuery
JavaScript library	idb-keyval
Package CDN	Google Hosted Libraries
Package CDN	jsDelivr (2)
WordPress plugin	WooCommerce Pixel Manager

Analytics & Marketing

Advertising	Facebook Pixel (2)
Advertising	Google Ads (3)
Analytics	Google Analytics (3)
Consent	Usercentrics
SEO	Google Search Console
Tag management	Google Tag Manager (2)

Commerce & Payments

Ecommerce	Shiprocket (2)
	Shopify (7)
Payments	GoKwik (3)
	Razorpay (5)
Shopify app	PushOwl (2)
	Whatmore

Business Tools

Chat	Zoko
Fraud prevention	Riskified
Reviews	Judge.me

Infrastructure

Network

CLOUDFLARENET - Cloudflare, Inc., US

AS13335 · CA

DNS

GoDaddy DNS

Authoritative nameserver

DNSSEC

Not enabled

DNS responses unsigned. Cache-poisoning vulnerable.

SSL Certificate

Let's Encrypt

Valid 22 May 2026 to 20 Aug 2026

Certificate as captured in this snapshot, not a live check.

Domain Age

13.3 years

Registered Feb 2013 · Wild West Domains, LLC

Email Security

✓

SPF -all Strict (-all). Strong.

✓

DKIM Detected via known email provider

✗

DMARC p=none None (p=none). Monitoring only.

MTA-STS Not deployed. Mail to your domain can be downgraded to plaintext en route.

TLS-RPT Not configured. You won't hear about silent SMTP TLS handshake failures.

Storage (54)

Cookies (22)

Name	Lifetime	Detected as
cart	1mo	-
gk_landing_page	10d	-
gk_orig_referrer	10d	GoKwik
localization	1y	-
po_visitor	1y	-
rzp_unified_session_id	< 1h	Razorpay
udid	1y	-
ufid	1y	-
utid	1y	-
_fbp	3mo	Facebook Pixel
_ga	1y	Google Analytics
_ga_CGR2JZH74R	1y	Google Analytics
_ga_VF6T91Y6L0	1y	Google Analytics
_ga_Y2Z2NHV5H6	1y	Google Analytics
_gcl_au	3mo	Google Ads
_shopify_analytics	1y	Shopify
_shopify_essential	1y	Shopify
_shopify_marketing	1y	Shopify
_shopify_s	< 1h	Shopify
_shopify_y	1y	Shopify
_shop_app_essential	1y	Shopify
_uc_dd_9369c17854c6d7b6d4b6ec578a6fac33	< 1h	-

Local storage (17)

Key	Size	Detected as
er_client_id	21 B	-
lastExternalReferrer	5 B	-
lastExternalReferrerTime	13 B	-
pushowl_original_url_params	0 B	PushOwl
pushowl_visitor_token	36 B	PushOwl
rzp_checkout_anon_id	32 B	Razorpay
rzp_device_id	65 B	Razorpay
signInWithShop:cartSyncTransferAttemptedAt	13 B	Shopify
whatmore_brand_customizations	10.1 KB	Whatmore
w_user_type	7 B	-
_gcl_ls	152 B	Google Ads
_whatmore_first_touch_sent	1 B	Whatmore
_whatmore_session_id	21 B	Whatmore
_whatmore_session_time	13 B	Whatmore
_whatmore_store_id	11 B	Whatmore
_whatmore_user_id	21 B	Whatmore
__uc_site	339 B	Usercentrics

Session storage (14)

Key	Size	Detected as
consentHeader	38 B	Shopify
ER_CartItems	2 B	-
pushowl_current_config_key	63 B	PushOwl
pushowl_landing_page_url	24 B	-
pushowl_landing_page_url_params	0 B	-
pushowl_referrer	0 B	PushOwl
pushowl_session_token	36 B	PushOwl
pushowl_shopify_config-1.5-929cfc4b-e4dc-41cf-8388-9cfc46a4b0fe	6.4 KB	PushOwl
pushowl_subdomain	10 B	PushOwl
ri-gGuMQFazTr2CslacnJ7fCheBYCUU-z	13 B	Riskified
themeQuick148637679686	100.2 KB	-
wpm-ri-806b8c40-56b3-4ebd-82b2-569c9c9edf0a-1781602514-z	13 B	WooCommerce Pixel Manager
_shs_state	128 B	Shopify
__rzp_risk	17.9 KB	Razorpay

IndexedDB (1)

Database	Version	Detected as
keyval-store	1	idb-keyval

Readiness Breakdown How?

✓ Custom title and meta description

✓ Open Graph tags (title, image, description)

✓ Twitter card meta tags

✓ Canonical URL declared

✓ Responsive viewport meta tag

✓ Favicon present

✓ Semantic HTML (nav, main, article)

⚠

Page title is 102 characters (advisory) Google only shows about 60 characters of the title in search results; aim for 50–60 to keep the whole thing visible.

Performance How?

265 ms Server response

62% Faster than peers

1344 ms Largest contentful paint

0.00 Cumulative layout shift

6.1 MB Page weight

2.0 MB Image weight

22 Third-party domains

2 Console errors

0 Failed requests

⚠ 111 images: 27 oversized, 25 without width/height, 1 missing alt text

Indicative grade from a single automated render, not a substitute for Lighthouse or field data, and not part of the StackScope score.

AI Stance

Welcomes AI crawlers

✓ llms.txt published

✓ No AI bots blocked in robots.txt

Content-Signal

? No directive declared

Link headers

? None advertised

Well-Known Files

✓ robots.txt

✓ sitemap.xml (5 URLs)

✗ security.txt

✓ llms.txt

✗ ads.txt

✗ humans.txt

Legal

✓ Privacy Policy

✓ Terms of Service

✓ Consent manager: Usercentrics

78% unique

Mentions:

GDPR Cookies DPO

Security Headers (4/6)

✗

Referrer-Policy

✓

X-Frame-Options

✗

Permissions-Policy experimental (check browser support)

✓

X-Content-Type-Options

✓

Content-Security-Policy ⚠ CSP violation detected: your policy is blocking 1 of your own resource

✓

Strict-Transport-Security

–

X-XSS-Protection deprecated (use Content-Security-Policy)

Build

✓ Code splitting

44 JS files

28 CSS files

22 Third-party domains

Brand Colours

Something not look right? If a technology shown here is wrong or out of date, email [email protected] and we'll review it.