hardiepromo.com

.com crawl

First seen 2026-04-13 · Last seen 2026-05-01 · ok HTTP/1.1 200 1014 ms crawled 2026-05-06

US · 20.84.222.125 · AS8075 Microsoft Corporation

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Reward Center
Language: en

Technology

Server: Microsoft-IIS
CMS: Gatsby

Registration

Registrar

NameCheap, Inc.

Created

2021-04-02

Expires

2027-04-02 318 days left

Updated

2026-03-03

Name servers

davina.ns.cloudflare.com
steven.ns.cloudflare.com

DNS records live

NS

davina.ns.cloudflare.com
steven.ns.cloudflare.com

MX

10 hardiepromo-com.mail.protection.outlook.com

TXT

Show 4 TXT records

oo9scnhpn5h1m5ls8m7mfqc4jd
5agb4vl0l6ejdjmmj8fkf4ecg0
MS=ms81575176
globalsign-domain-verification=E4D10CDDB348DC719619DF92F1D34B0F

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:spf-001e8f02.pphosted.com IP4:199.249.253.93 IP4:12.163.40.15 include:mailgun.org include:mailgun.info include:mailgun.net ~all

softfail (~all)

DMARC

not published

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA423BvLTQn+xAZgtxY85Q4AuQjxPXXPA0/IVzZDjTxqY5gInRnY2UZXL0C/W4tVd5G4UzORDye6YssKOT5o…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBhfF0STEIu4HqTBcdTGE9eBKIJnU0AZCS0Er++PGhjLEIcKOF+7q+d4z/n9xaNhTKcj6siaajOQM8x9XfueEfhV…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA OV R36

from 2026-03-25 to 2026-10-10

Expires in 144 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://hardiepromo.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN, sameorigin
x-content-type-options: nosniff
content-security-policy: default-src 'self' www.googletagmanager.com www.google-analytics.com stats.g.doubleclick.net www.google.com home-c12.incontact.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.msecnd.net www.googletagmanager.com www.google-analytics.com home-c12.incontact.com www.google.com www.gstatic.com; frame-src 'self' www.google.com www.gstatic.com home-c12.incontact.com; connect-src 'self' *.services.visualstudio.com ws: www.google.com www.gstatic.com; img-src 'self' data: https: www.google.com www.gstatic.com;
strict-transport-security: max-age=2592000

Linked from (1)

jameshardie.com×2