indexo.dev

cardless.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-07 · ok HTTP/1.1 200 1804 ms crawled 2026-05-07

US · 104.26.6.197 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Cardless | Embedded Credit Card Platform
Description
Build credit into your product experience. Run it end to end with modular APIs, pre-built components, analytics, and full-service infrastructure.
Language
en
Generator
Framer 72b52f5
Canonical
https://www.cardless.com/

Open Graph

url
https://www.cardless.com/
title
Cardless | Embedded Credit Card Platform
description
Build credit into your product experience. Run it end to end with modular APIs, pre-built components, analytics, and full-service infrastructure.

Technology

CDN
Vercel
Fonts
  • Google Fonts

Third-party hosts loaded (3)

  • framerusercontent.com×92
  • events.framer.com×1
  • fonts.gstatic.com×1

Registration

Registrar
GoDaddy.com, LLC
Created
2001-05-20
Expires
2035-05-20 3287 days left
Updated
2026-01-22
Name servers
  • becky.ns.cloudflare.com
  • jake.ns.cloudflare.com

DNS records live

NS
  • becky.ns.cloudflare.com
  • jake.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 9 TXT records
  • google-site-verification=1PvP0Y81tGIz27QpQKgv4e207p9aJTyvqgiipFmxop8
  • google-site-verification=MztWuPOYkEEVq7Ca0GoeYFwtSWVVk9YkkfIyiNmSW68
  • google-site-verification=NNH7zDqXIjMhlDM54h2dcp5DWBBGN2whSFdbfvJ7-kg
  • google-site-verification=dW6FrTiYCdlb_rDWUNUUpIRyhADsGX83qznQNx3OXpM
  • google-site-verification=nh4_56OEIIu3e2tDo6s0kkwoTjdOX9tVDoi74Jk2rdI
  • notion-domain-verification=5098cSIdaP1zq6UlksJGHhC9pVUPJ4ZW0R3Qqi2uvJK
  • slack-domain-verification=nODfhDp1m8IS8QQUqiw28JHceZLm3s7ru2sbV8rP
  • MS=ms21441996
  • anthropic-domain-verification-w2544f=InTYgslctbQQM98vWfK3DlwkG

Email authentication strong

SPF
v=spf1 include:_spf.google.com include:mail.zendesk.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; sp=quarantine; adkim=s; aspf=s; rua=mailto:dmarc-reports@cardless.com, mailto:rua@dmarc.reachmail.net;
policy: quarantine · sp=quarantine
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwOWLg9gM027SptdLvk/0wqVBweNd4HLd3yTxkHk0l2ZZf1+l0bCfSY5tzODPUVScK6d8vKWO0J68T…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2octQFAPEGnKVKUmRV++jPVGIURLBi1ERknQlNXZ9w61IpQtYYTmWHTpU1TMrGCC6iF1cEgWRt26VwjbnE…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTAJKkIi1JjNlDGDPaJ5qMAvRefb0I77y37zyCpcIkXsDGFjG53tDsF9Vg0HX5ACmmgcGp6hryFEtwgqNWdQ50DR…
selectors probed

Certificate (current)

E7
from 2026-04-01 to 2026-06-30
Expires in 42 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.cardless.com/

present
  • strict-transport-security
  • content-security-policy
findings
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
frame-ancestors 'self' *.cardless.com
strict-transport-security
max-age=63072000

Links to (1)

Linked from (3)