indexo.dev

hanonsystems.com

.com crawl

First seen 2026-05-15 · Last seen 2026-05-20 · ok HTTP/1.1 200 8810 ms crawled 2026-05-20

KR · 203.251.21.9 · AS4766 Korea Telecom

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Hanon Systems

Technology

CDN
Akamai
jQuery
1.10.2 known XSS (<3.5)

Third-party hosts loaded (1)

  • code.jquery.com×1

Registration

Registrar
Gabia, Inc.
Created
2015-05-18
Expires
2029-05-18 1093 days left
Updated
2026-05-07
Name servers
  • ns.hanonsystems.com
  • ns2.kornet.net

DNS records live

NS
  • ns.hanonsystems.com
  • ns2.kornet.net
MX
  • 10 us-smtp-inbound-1.mimecast.com
  • 10 us-smtp-inbound-2.mimecast.com
Verified for
  • Atlassian
  • DocuSign
  • Microsoft 365

Email authentication weak

SPF
v=spf1 ip4:136.16.65.141 ip4:169.62.132.141 ip4:169.62.132.142 ip4:169.62.128.24 ip4:121.153.23.162 ip4:121.153.23.186 ip4:203.251.21.73 ip4:203.251.21.79 ip4:209.151.136.204 ip4:211.32.1.68 include:us._netblocks.mimecast.com include:spf.protection.outlook.com -all
strict (-all)
DMARC
not published
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFqg78hFM5kGXlIGH3uNBYN8qwN/l9ItHYti+JrRLRjvr1/JtClbLBLYVnK39DOICx/+IZecltF6bShU+eGr…
selectors probed

Certificate (current)

Sectigo RSA Organization Validation Secure Server CA
from 2025-12-01 to 2027-01-02
Expires in 226 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.hanonsystems.com/En

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'strict-dynamic' 'nonce-ExknZ9Yt7EqrH6vz0q3heQ==' https://www.googletagmanager.com https://www.google-analytics.com https://code.jquery.com https://html5shiv.googlecode.com https://www.google.com https://www.gstatic.com; connect-src 'self' https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://analytics.google.com https://stats.g.doubleclick.net https://www.googletagmanager.com; style-src 'self' 'nonce-ExknZ9Yt7EqrH6vz0q3heQ=='; font-src 'self' data:; img-src 'self' https://*.googletagmanager.com https://*.google-analytics.com https://www.gstatic.com https://*.google.co.kr; frame-src 'self' https://www.youtube-nocookie.com https://www.google.com; object-src 'none'; base-uri 'self'; frame-ancestors 'self';
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (9)

Linked from (2)