amartha.com

.com crawl

First seen 2026-05-03 · Last seen 2026-05-03 · ok HTTP/1.1 200 7283 ms crawled 2026-05-20

US · 104.20.42.207 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title

Amartha.com | Indonesian Technology Company

Description

Amartha merupakan perusahaan teknologi yang memiliki visi untuk mewujudkan sejahtera merata di Indonesia melalui ekosistem keuangan digital.

Language

Canonical

https://amartha.com/en/

Translations

Open Graph

url: https://amartha.com/en/
title: Amartha.com | Indonesian Technology Company
locale: id
site name: Amartha.com
description: Amartha merupakan perusahaan teknologi yang memiliki visi untuk mewujudkan sejahtera merata di Indonesia melalui ekosistem keuangan digital.

Technology

CDN: Cloudflare
CMS: Next.js
JS framework: Next.js

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Registration

Registrar

Web Commerce Communications Limited dba WebNic.cc

Created

2014-03-13

Expires

2027-03-13 296 days left

Updated

2026-03-22

Name servers

lakas.ns.cloudflare.com
mary.ns.cloudflare.com

DNS records live

NS

lakas.ns.cloudflare.com
mary.ns.cloudflare.com

MX

10 aspmx.l.google.com
100 alt3.aspmx.l.google.com
100 alt4.aspmx.l.google.com
50 alt1.aspmx.l.google.com
50 alt2.aspmx.l.google.com

TXT

Show 7 TXT records

_leb3mgbnagb5f4v34xwkaagdlzv7ziz
_xa4svek2y0fxqvncv3alnmmmyaz79jr
have-i-been-pwned-verification=dweb_y1f9rib8qdsvot2wml8212o3
k4t9pl2m45x24yt6wcdknq85twzls440
ml810f99v1dlcgd3k5qn3hm5tbfbp8n3
qqlt6zw4m198bn27hy559cd260bq6jbx
vc039gzmm7f8sv8tzvcj8x75jfvpmz40

Verified for

Apple
Atlassian
Google
Slack

Email authentication partial

SPF

v=spf1 include:_spf.google.com include:mailgun.org include:spf.mandrillapp.com include:mail.zendesk.com include:emailus.freshservice.com include:server.mcsv.net include:spfdm-ap-southeast-1.aliyun.com -all

strict (-all)

DMARC

v=DMARC1; p=none; sp=none; rf=afrf; pct=100; ri=86400; rua=mailto:dmarc_report@service.aliyun.com

policy: none (monitoring only) · sp=none

DKIM

Show 4 DKIM selectors

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszpn9quZ8hmo1FYFG6wXO7mExarzIAtP4aolZecUplo0cPgC+2OlHZeN7kGecXEiwySApVyBP+GHsI…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA102iVPdXH00hL7LpKxIcpbZjwNp2RW7iak++scI/FR8xnPkh5EX7MiJ45vqhOwewOyFWlFFnA0cy8Q5RZf…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDrhxCPWmDmd1MsVkT8TWEefXu33dhbufHU4EcJE+UHbEKdeApst+MOlSXMCf2qwe5E0GcckGKkt5Aw8im96m2fiF…

selectors probed

Certificate (current)

RapidSSL TLS RSA CA G1

from 2026-04-16 to 2026-11-01

Expires in 164 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://amartha.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src https: 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'none'; frame-ancestors 'self'; frame-ancestors 'self' *.amartha.com https://amartha.com, default-src https: 'unsafe-inline' 'unsafe-eval' ;
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (2)

apple.com×1
wa.me×1

Linked from (1)

beasiswa-amartha.org×1