indexo.dev

applepay.com

.com crawl

First seen 2026-04-15 · Last seen 2026-04-15 · ok HTTP/1.1 200 2452 ms crawled 2026-05-10

US · 68.177.108.235 · AS394912 Act 1 Group, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
ApplePay

Technology

Server
Microsoft-IIS
Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • cdnjs.cloudflare.com×1
  • cloud.typography.com×1
  • maxcdn.bootstrapcdn.com×1
  • www.googletagmanager.com×1

Registration

Registrar
GoDaddy.com, LLC
Created
2002-05-15
Updated
2025-05-16
Name servers
  • ns1.all-in-1.com
  • ns2.all-in-1.com

DNS records live

NS
  • ns1.all-in-1.com
  • ns2.all-in-1.com
MX
  • 0 applepay-com.mail.protection.outlook.com
TXT
  • D+TRI0irSDE5qQ/HQZLBf6RVKxkc844F7fb1fUhMrVN4pfM01y969h6oO5fglz6PyAIdubgBdQGN3PnCh782mg==
  • MS=ms64496508

Email authentication partial

SPF
v=spf1 ip4:205.220.173.87 ip4:205.220.161.87 ip4:68.177.108.0/24 ip4:208.185.229.0/24 ip4:208.185.235.0/24 include:spf.protection.outlook.com include:et._spf.pardot.com include:_spf.salesforce.co include:spfa.cpmails.com -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:mailtoreport@ain1.com; ruf=mailto:mailtoreport@ain1.com; fo=1
policy: none (monitoring only)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD0bho67xXJ9lVw1GDsr04DH0nLINigkyY5yiKK33dWk9p3vEsxPgCQ6u4znkxXXqvtINrwwE/otEuD5WQvjy…
  • selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxtTfDNVYZedtucYilEyYA2kCUoGAjJsilsYpAXCTi7G6CWGPzm5ayEhVIZMToZZqaPpHfbrxTo1ldDU4lxi…
selectors probed

Certificate (current)

Go Daddy Secure Certificate Authority - G2
from 2026-01-13 to 2027-02-14
Expires in 271 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://applepay.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=(), geolocation=(), microphone=(), payment=(), usb=()
x-content-type-options
nosniff
content-security-policy
default-src 'none'; style-src 'self' 'unsafe-inline' https://cloud.typography.com/ https://maxcdn.bootstrapcdn.com/ https://www.appleone.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://ssl.google-analytics.com/ https://munchkin.marketo.net/ https://cdnjs.cloudflare.com/; img-src 'self' https://ssl.google-analytics.com/ https://stats.g.doubleclick.net/; connect-src 'self' https://www.google-analytics.com https://815-tmy-864.mktoresp.com/; font-src 'self' https://maxcdn.bootstrapcdn.com/ data:; form-action 'self'; frame-src 'self' https://applepay.com/ https://www.applepay.com/ https://www.sertifi.com/allin1/ https://sandbox.sertifi.net/allin1/; object-src 'self'; frame-ancestors 'self'; base-uri 'none';
strict-transport-security
max-age=15552000

Links to (4)

Linked from (1)