indexo.dev

hdsunflower.com

.com crawl

First seen 2026-04-16 · Last seen 2026-05-16 · ok HTTP/1.1 200 3972 ms crawled 2026-05-11

US · 104.20.43.217 · AS13335 Cloudflare, Inc.

Reputation 92/100 no dmarc policy

sector nonprofit type homepage

HTML metadata

Title
HDS - Global
Description
The Hidden Disabilities Sunflower is a discreet sign that the wearer has a hidden disability and may need additional support
Language
en
Canonical
https://hdsunflower.com/

Technology

CDN
Cloudflare
CMS
Gatsby
Analytics
  • Google Tag Manager
Cookie consent
  • Iubenda
Fonts
  • Google Fonts

Third-party hosts loaded (6)

  • fonts.googleapis.com×5
  • cdn.iubenda.com×1
  • kit.fontawesome.com×1
  • px.ads.linkedin.com×1
  • translate.google.com×1
  • www.googletagmanager.com×1

Social

Contact

Address
©2026 Hidden Disabilities Sunflower Scheme Limited. All Rights Reserved

Registration

Registrar
Register SPA
Created
2020-08-17
Expires
2026-08-17 89 days left
Updated
2025-08-17
Name servers
  • bella.ns.cloudflare.com
  • kyrie.ns.cloudflare.com

DNS records live

NS
  • bella.ns.cloudflare.com
  • kyrie.ns.cloudflare.com
MX
  • 0 hdsunflower-com.mail.protection.outlook.com
TXT
  • google-site-verification=ni7gHr56X86Zb6PXQswHPsSoSM5UuyaQSepyFVgT-Z0
  • MS=ms46910202

Email authentication weak

SPF
v=spf1 include:spf.protection.outlook.com include:mailgun.org -all include:one.zoho.com.au ~all
softfail (~all)
DMARC
not published
DKIM
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
selectors probed

Certificate (current)

WE1
from 2026-03-21 to 2026-06-19
Expires in 31 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://hdsunflower.com/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
font-src *.googleapis.com *.gstatic.com https://fonts.gstatic.com *.fontawesome.com https://fonts.bunny.net *.cloudflare.com *.bootstrapcdn.com *.twitter.com nitropack.io *.nitrocdn.com maxcdn.bootstrapcdn.com chimpstatic.com stats.g.doubleclick.net google.co.uk www.google.co.uk www.google.com www.facebook.com colou11126.pcapredict.com services.postcodeanywhere.co.uk v2.zopim.com www.rsa3dsauth.co.uk static.zdassets.com ekr.zdassets.com widget-mediator.zopim.com wss://widget-mediator.zopim.com secure5.arcot.com 3ds-secure.cardcomplete.com ecclients.btrl.ro bofp.erstebank.hu www.clicksafe.lloydstsb.com pay.activa-card.com 3dsecure-1.wirecard.com 3dsecure-2.wirecard.com acssv.otpbank.hu acs.sia.eu idcheck.acs.touchtechpayments.com sicher-bezahlen.sparkasse.at www.securesuite.co.uk bred.wlp-acs.com bnpp-3ds.wlp-acs.com verify.monzo.com *.buzzsprout.com buzzsprout.com *.typekit.net typekit.net googleapis.com *.hcaptcha.com hcaptcha.com *.google.com google.com *.facebook.com facebook.com *.

Links to (7)

Linked from (6)