indexo.dev

hpra.ie

.ie crawl

First seen 2026-05-13 · Last seen 2026-05-20 · ok HTTP/1.1 200 2119 ms crawled 2026-05-19

IE · 4.207.11.58 · AS8075 Microsoft Corporation

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Home
Language
en
Generator
Sitefinity 15.2.8430.0 DX
Canonical
https://www.hpra.ie

Open Graph

url
https://www.hpra.ie
title
Home
site name
HPRA

Technology

CMS
Joomla

Third-party hosts loaded (3)

  • code.jquery.com×2
  • customer.cludo.com×2
  • cookie-cdn.cookiepro.com×1

Social

DNS records live

NS
  • ns0.reg365.net
  • ns1.reg365.net
  • ns2.reg365.net
MX
  • 0 esa1.hc1441-16.eu.iphmx.com
  • 10 esa2.hc1441-16.eu.iphmx.com
  • 100 mailbk.hpra.ie
  • 50 mail.hpra.ie
TXT
  • LMskMf68yLrpryalrx8Ye0jK_Sv65aXrgFXa2O1uNhU
  • MS=02DEBFB1AB3D10CD9D19BE2422093EBA06B8FB3E
  • 7GuCLdwIwPzy7kK/h3+44KEF2GpSdIRCYgT2dSR3JxxJ/hIwbtaK8ojEzQ1bgoo03v6TTjpGsPA/dVsNRG7pwA==
Verified for
  • Apple
  • Atlassian
  • Google
  • Microsoft

Email authentication partial

SPF
v=spf1 mx ip4:137.191.247.68 ip4:137.191.245.207 ip4:84.51.229.170 a:esa1.hc1441-16.eu.iphmx.com a:esa2.hc1441-16.eu.iphmx.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:itsecurity@hpra.ie;
policy: none (monitoring only)
DKIM
  • mail: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHQcE5gIyNTMjE9PQF/BTgakhCdLT7rTaqQmsq29tlRMb0hS5zWmZu9mgXmqRcl0GTd1m3tSUkGVidtbhcS7z…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+848QU8Zh+VRgPLwFbRhFI9eN1gW6HN7HOrP+BwgTjOIJYH+QpMzU2ih8rHaNB5GcKFiCmGlcyeZFLU2K…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIndbTUQh5aJ31JcAQusRv4l5XX4kg/W11Yo/R3fjicBJL9Glu+ENOEDYWc6lwtx+cVUco+GE8X+yvjSk6…
selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36
from 2026-03-02 to 2027-02-22
Expires in 276 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.hpra.ie/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src *.googleapis.com *.gstatic.com www.google.com apis.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js cdnjs.cloudflare.com https://www.youtube.com/iframe_api https://dec.azureedge.net/ munchkin.marketo.net https://cdn.cookielaw.org https://www.googletagmanager.com *.youtube.com https://cdn.jsdelivr.net https://browser-update.org https://cookie-cdn.cookiepro.com https://code.jquery.com https://*.onetrust.com https://customer.cludo.com 'self' cdn.ampproject.org https://cdn.insight.sitefinity.com https://dec.azureedge.net https://player.vimeo.com/api/player.js web-chat.nativechat.com 'unsafe-inline' 'unsafe-eval'; style-src *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com https:
strict-transport-security
max-age=31536000; IncludeSubDomains

Links to (4)

Linked from (3)