indexo.dev

hapimag.com

.com crawl

First seen 2026-05-15 · Last seen 2026-05-15 · ok HTTP/1.1 200 3154 ms crawled 2026-05-20

US · 104.18.190.221 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Language
en

Technology

CDN
Cloudflare
Analytics
  • Cloudflare Insights

Third-party hosts loaded (2)

  • challenges.cloudflare.com×1
  • static.cloudflareinsights.com×1

Registration

Registrar
COREhub, S.R.L.
Created
1998-02-17
Expires
2027-02-16 271 days left
Updated
2026-01-19
Name servers
  • jo.ns.cloudflare.com
  • lakas.ns.cloudflare.com

DNS records live

NS
  • jo.ns.cloudflare.com
  • lakas.ns.cloudflare.com
MX
  • 10 mx-01-eu-central-1.prod.hydra.sophos.com
  • 20 mx-02-eu-central-1.prod.hydra.sophos.com
TXT
Show 4 TXT records
  • sophos-domain-verification=2326335668b1a95680a310c5b62229c2d12d19d7
  • sophos-domain-verification=09a4a33ff86ce8cf4e089c67ac11616c69d97ffe98de9d4ee50def9da0d16d54
  • jetbrains-domain-verification=dptgjim7udcou2jde7pvxjf1g
  • 611716378-78911899
Verified for
  • Adobe
  • Anthropic
  • Atlassian
  • Canva
  • Google
  • Mailgun
  • Meta
  • Microsoft 365
  • Miro
  • OneTrust

Email authentication partial

SPF
v=spf1 include:_spf_eucentral1.prod.hydra.sophos.com include:_spf.google.com include:_spf.salesforce.com include:_spf.mailgun.org include:_spf.protection.outlook.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:networker@hapimag.com
policy: none (monitoring only)
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6R+hvLUScECYIOd4waw7+k7UsQrn5NW8WPeXlztrFXjXstmeONizwYLWrGWpqh5TEmjrUOVFF0Zzid…
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
selectors probed

Certificate (current)

Sectigo Public Server Authentication CA OV R36
from 2025-06-24 to 2026-07-14
Expires in 54 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.hapimag.com/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
Header values
referrer-policy
strict-origin
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self "https://www.youtube.com" "https://www.youtube-nocookie.com"),payment=()
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' data: blob: https://www.google.com https://www.gstatic.com/recaptcha/releases/ https://tagmanager.google.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/ https://tagm.hapimag.com https://cdn.cookielaw.org/ https://bat.bing.com/ https://www.googleadservices.com/ https://connect.facebook.net/ https://googleads.g.doubleclick.net/ https://td.doubleclick.net/ https://ct.pinterest.com/ https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.cloudflare.com https://challenges.cloudflare.com https://*.youtube.com https://*.youtube-nocookie.com http://www.youtube.com/iframe_api https://*.pinimg.com https://*.scarabresearch.com https://*.cloudflareinsights.com https://*.redditstatic.com https://*.ubembed.com/ https://*.js.ubembed.com/ https://*.spoteffects.net https://hapimagag--dev2.sandbox.my.site.com https://hapimagag.my.site.com https://hapimag-shell-production.pages.dev https://marketplace-module.hapimag.com https://book
strict-transport-security
max-age=15552000; includeSubDomains

Linked from (1)