indexo.dev

afterpay.com

.com toplist crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 737 ms crawled 2026-05-18

US · 104.19.176.211 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Buy now pay later with Afterpay
Description
Afterpay is fully integrated with all your favorite stores. Shop as usual, then choose Afterpay as your payment method at checkout. First-time customers complete a quick registration, returning customers simply log in.
Language
global
Translations
  • global

Open Graph

title
Buy now pay later with Afterpay

Technology

CDN
Cloudflare
CMS
Next.js

Registration

Registrar
MarkMonitor Inc.
Created
2004-12-31
Expires
2027-12-31 590 days left
Updated
2026-02-23
Name servers
  • logan.ns.cloudflare.com
  • pat.ns.cloudflare.com

DNS records live

NS
  • logan.ns.cloudflare.com
  • pat.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 37 TXT records
  • google-site-verification=ZJMu9MsvjHJwPn0kcq31cioCrPxAw0HHWqWOqXpq1-Y
  • postman-domain-verification=45c73f7e7fc4317d259d7abb21e0cf833bb6155f55538bff0a6f610647723c844c9e11597dbbd4d9b834af734060e19f9d48901a30c575a0d89fbf50a6a212bd
  • google-site-verification=90Usis2cGFPDjcVmGkACDq7V0nr2_aHwkRJAja1Bs88
  • MS=ms48434553
  • docker-verification=2b851c78-b56e-49cf-861e-56d93e57ddfc
  • adobe-idp-site-verification=d7b63c6b24c223ab567a9a0011f39af530daed8a61eff08bc649faf4dd4da1e2
  • facebook-domain-verification=d6cnhehjtreem1o6qucbzholeswcb2
  • ca3-e24e885f74554db896cc1a2029c6b1e7
  • 885F292C29
  • google-site-verification=KXgv0l3pLJ3fEOKpU3Ij9y78f7mwKzvaxYAarqGZAvU
  • waybackverify
  • google-site-verification=AF-LWiRMtAZeWbVOVjubw4bCbQ3k9_RChotB5aLobu4
  • atlassian-domain-verification=kmliHHvYeo5Xy4WaMLqaFajrpbCFuIc0xz7UVjSqLtDl4d65QOPuL8GepVGmJv6i
  • atlassian-domain-verification=Z6HgR9QONMngJJzv0coiPlQKXQjnsuF8wy/NfLVM3UN35nIzEE6Er5hChZYoort1
  • ca3-75142fa1449c42cd87b6da5dc5d8ec86
  • atlassian-domain-verification=9iYUpJGNkg1t97CI3rPIi2JSZhPPPq2vqa29bn1XafOtu0579nFxEzSX3VzIvcRm
  • mongodb-site-verification=I5dMFjnYCvH6Nd6KXy79C0YoMTxUAEhL
  • google-site-verification=GPpk9OtLFxj8JpGy_q61Yaf64WakggEhL0sgJwjrLO0
  • google-site-verification=SmRp-c8Mh9-V-1RK9-QQqIaEcbORQkao1ZjiCoAOCDo
  • docusign=2c5628f8-3c04-4eea-8a8b-e26e1b2fbc68
  • miro-verification=1da172ae11b3d835709b4e27b516322be57fd7c8
  • https://issues.sonatype.org/browse/OSSRH-58323
  • zapier-domain-verification-challenge=396f3027-0f1f-4fb9-97ac-230f3deda199
  • dropbox-domain-verification=7zqhevn6rrib
  • wrike-verification=MzIwNzgwMDo2MGE1NjUwYThkMmExMjkzZDg3MGVmMDE3MzkzMDJlOTE4YTY5YmZlMjNlZGE5MGY5MWMzODFhNTFmNDU5MTNi
  • ca3-0d1c72c8ad3e4ef49a6228d6e9d8d354
  • anthropic-domain-verification-9nns30=qgxwMEVOMkLAlfLXH1K7EtxR3
  • ca3-726ba8f287be476e8b3228292db5857b
  • stripe-verification=5a8a00371398aa2466b713faf14e6edc9140160c32f51d02067af5dcd8591cc8
  • apple-domain-verification=TpnfzTlfBHkfNOkk
  • DirectFedAuthUrl=https://login.block.xyz/app/block_pwcpayrollnew_1/exkxnyhjk7UKlSCm4697/sso/saml
  • airtable-verification=b24ff13d51d9104c2d25edc5bc39bf65
  • atlassian-domain-verification=7P8hKRwaCBM4SxhDBTrs01Bj8tsTchnPirc3ghipnlR5u0BE9qUg0svGECDkgvSO
  • ca3-59969214e2974dceadd5fe5f2e9957bd
  • ca3-35cb5d572b27416396eb3f2b4ff2fed3
  • fdb3ln23dhcs4vg3jzhslrcx58ck358m
  • miro-verification=eb2231722e9ee6e925e69e31c221403361bbc1cb

Email authentication strong

SPF
v=spf1 ip4:116.50.57.190 ip4:167.89.51.22 ip4:168.245.115.7 ip4:168.245.9.178 ip4:168.245.97.197 include:mail.zendesk.com include:_spf.salesforce.com include:_spf.google.com include:sendgrid.net -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:dmarc_agg@vali.email;
policy: reject (enforced)
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuC+smcfjT+JcGytXzawWTzyrcVAOackzOEhvzBhrlzU8cwhFULOBrpFgb0E7a0wTYHXrccCSoL0SZz…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjm5EhNZ+2Fe/2uK8cwjDYLhIofxElNdBQwC3VakOaIM5rZ0UaNTNRR5DiiFW96OjK2aJ4gacUsrERt+7r…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD9Cpm/Na2ZtvxsDKj8z+W/ayNtuU0uThw9N3E1Tt/A0sACWUpSa1lMvd3YNav0PMZ7G5JKW8iExdh2t4HA+BoOD6…
selectors probed

Certificate (current)

WE1
from 2026-05-12 to 2026-08-10
Expires in 82 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.afterpay.com/global/country-select

present
  • strict-transport-security
  • content-security-policy
  • cross-origin-opener-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
script-src 'self' 'unsafe-eval' 'unsafe-inline' *.afterpay.com *.clearpay.co.uk *.clearpay.com *.googleapis.com public.fbot.me static.fbot.me campaign.fbot.me lcx-embed.bambuser.com www.googletagmanager.com *.onetrust.com *.cookielaw.org *.bizible.com hbiq.net cdn.branch.io sc-static.net snap.licdn.com connect.facebook.net *.linkedin.com *.facebook.com munchkin.marketo.net www.googleadservices.com cdn.dashhudson.com djnf6e5yyirys.cloudfront.net cdn.builder.io t.contentsquare.net www.google-analytics.com googleads.g.doubleclick.net app.link v5tufwer.micpn.com pi.pardot.com tag.clearbitscripts.com/v1/pk_ba428737ee82fd942f13030da0c2629b/tags.js tag.rmp.rakuten.com metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js x.clearbitjs.com/v2/pk_ba428737ee82fd942f13030da0c2629b/tracking.min.js x.clearbitjs.com/v2/pk_ba428737ee82fd942f13030da0c2629b/destinations.min.js analytics.tiktok.com afterpay-business-site.vercel.app afterpay-consumer-content-hub.vercel.app cdn.amplitude.com *.
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy
same-origin

Links to (1)

Linked from (13)