hivepass.app — domain check, WHOIS, DNS & reputation

HTML metadata

Title: Trail Association & Mountain Bike Club Membership Software | Hivepass
Description: Hivepass is membership software built for trail associations and mountain bike clubs. Manage members, collect payments, run email campaigns, issue digital cards, and grow your community — try free.
Language: en
Canonical: https://hivepass.app/

Open Graph

url: https://hivepass.app/
title: Membership Software for Trail Associations & Mountain Bike Clubs | Hivepass
site name: Hivepass
description: Hivepass is membership software built for trail associations and mountain bike clubs. Manage members, collect payments, run email campaigns, digital cards, and grow your community.

Technology

CMS: Gatsby

Analytics

Google Tag Manager

Third-party hosts loaded (5)

assets.calendly.com×2
kit.fontawesome.com×1
play.google.com×1
usermaven.com×1
www.googletagmanager.com×1

Social

DNS records live

NS

ns41.domaincontrol.com
ns42.domaincontrol.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

Verified for

Google

Email authentication strong

SPF

v=spf1 include:_spf.google.com include:sendgrid.net ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; sp=quarantine; pct=100; rua=mailto:dmarc-reports@hivepass.app; aspf=s; adkim=s; fo=1

policy: quarantine · sp=quarantine

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNUX15QdYEYLwKFqjjhQn6kskXVxjdDxJtpoAa8ACdGHX5208ibo7tFWjDwMlLRGn78TXgxql9YGye…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIY2yVJz0AsXDWVQVaKGW9483q+e1HQLpKgd0KqVYkdDsNWpo/s+AZ9YUwVL+M9IufytET0a/He01D4PU5…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtENebbZrhg8+JILt8z8ygiAXHHHlFOmVfj3tIU6tF9bzJ3W3eRLqqtrgAFQ0FpSlHkwMaBV9jVVoleP2+B…

selectors probed

Certificate (current)

WR3

from 2026-06-16 to 2026-09-14

Expires in 87 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://hivepass.app/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: camera=(), microphone=(), geolocation=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://static.hotjar.com https://script.hotjar.com https://connect.facebook.net https://t.usermaven.com https://kit.fontawesome.com https://beacon-v2.helpscout.net https://assets.calendly.com https://cdn.jsdelivr.net https://play.google.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.calendly.com; font-src 'self' https://fonts.gstatic.com https://ka-f.fontawesome.com https://ka-p.fontawesome.com https://script.hotjar.com data:; img-src 'self' data: https:; connect-src 'self' https: wss:; frame-src https://calendly.com https://www.google.com https://action.hivepass.app https://datainsights-cdn.dm.aws.gartner.com; worker-src blob:;
strict-transport-security: max-age=31556926

Links to (10)

Linked from (2)

bikerevelstoke.org×2
sorba-tricities.org×2

Use this data via API

Everything on this page for hivepass.app is available as JSON from the indexo.dev REST & MCP API.

curl "https://indexo.dev/api/v1/domains/hivepass.app" \
  -H "X-API-Key: idx_..."

Read the docs & get a free key →

Add a badge to your site

Own hivepass.app? Show it's tracked on indexo.dev and link visitors straight to this page.

<a href="https://indexo.dev/hivepass.app" target="_blank" rel="noopener">
  <img src="https://indexo.dev/hivepass.app/badge.svg" alt="indexo.dev — hivepass.app">
</a>