indexo.dev

hemi.xyz

.xyz crawl

First seen 2026-04-22 · Last seen 2026-05-16 · ok HTTP/1.1 200 1945 ms crawled 2026-05-16

US · 104.18.23.222 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Activate compliant Bitcoin yield without leaving custody
Description
The unified DeFi layer for Bitcoin that turns idle BTC into compliant yield with full ownership and secure in-custody execution.
Generator
Framer 265a357
Canonical
https://hemi.xyz/

Open Graph

url
https://hemi.xyz/
title
Activate compliant Bitcoin yield without leaving custody
description
The unified DeFi layer for Bitcoin that turns idle BTC into compliant yield with full ownership and secure in-custody execution.

Technology

CDN
Cloudflare
Analytics
  • Cloudflare Insights
  • Google Tag Manager

Third-party hosts loaded (5)

  • framerusercontent.com×691
  • hemistatus.com×5
  • events.framer.com×1
  • static.cloudflareinsights.com×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
Cloudflare, Inc.
Created
2020-09-10
Expires
2026-09-10 114 days left
Updated
2025-10-07
Name servers
  • amanda.ns.cloudflare.com
  • sterling.ns.cloudflare.com

DNS records live

NS
  • blue.foundationdns.com
  • blue.foundationdns.net
  • blue.foundationdns.org
MX
  • 10 mxa.global.inbound.cf-emailsecurity.net
  • 10 mxb.global.inbound.cf-emailsecurity.net
TXT
Show 7 TXT records
  • openai-domain-verification=dv-fZ33aBAG5RiUoQiMVllUwIzr
  • security_contact=https://bugcrowd.com/engagements/hemi
  • verification=918af7e639814cfa8eac25de420501c3
  • 1password-site-verification=GWAX6JPQGBG6NMHILSXPGGJ4PY
  • apple-domain-verification=FuSVtopusLc7T5v9
  • google-site-verification=18Ls4zT6ASt2z6Dwf42UdxPMvg7I4UcnYVZVcJzfB4Y
  • google-site-verification=W_45CdFVBy3ZUI1mh4f7-V8_N4pd63ytjPe1fLKaEwk

Email authentication strong

SPF
v=spf1 include:_spf.google.com include:mail.zendesk.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; sp=quarantine; rua=mailto:f51338ababb8400b9429733c9292ab85@dmarc-reports.cloudflare.net,mailto:dmarc-reports@hemi.xyz,mailto:v3xgg1cx@ag.us.dmarcian.com; adkim=s; aspf=s
policy: quarantine · sp=quarantine
DKIM
  • google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUhUoqG+QXShz5DxiRt9Iya1794kiBXEbrJ5y4BsrjGVmPmT17o64xwXSZUchsbqaembf3YDYanz9C6NNyJ0…
selectors probed

Certificate (current)

WE1
from 2026-03-29 to 2026-06-27
Expires in 40 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://hemi.xyz/

present
  • strict-transport-security
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-resource-policy
findings
  • missing Content Security Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=(), microphone=(), geolocation=()
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin

Links to (16)

Linked from (3)