indexo.dev

openbankpay.com

.com crawl

First seen 2026-04-22 · Last seen 2026-05-12 · ok HTTP/1.1 200 2657 ms crawled 2026-05-20

US · 3.164.68.67 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Enjoy now. Pay later | Openbank Pay
Description
We simplify your payments, enabling you to split or settle them at a later date. Select country and language and discover Openbank Pay!
Language
en
Canonical
https://www.openbankpay.com

Open Graph

url
https://www.openbankpay.com
title
Enjoy now. Pay later | Openbank Pay
site name
Openbank Pay | Enjoy now. Pay later
description
We simplify your payments, enabling you to split or settle them at a later date. Select country and language and discover Openbank Pay!

Technology

CDN
Amazon CloudFront
Server
CloudFront
CMS
Gatsby
Analytics
  • Google Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • teal.zinia.com×2
  • tags.tiqcdn.com×1
  • www.google-analytics.com×1
  • www.googletagmanager.com×1

Registration

Registrar
Tucows Domains Inc.
Created
2019-04-26
Expires
2027-04-26 340 days left
Updated
2025-10-29
Name servers
  • ns-1488.awsdns-58.org
  • ns-1904.awsdns-46.co.uk
  • ns-478.awsdns-59.com
  • ns-999.awsdns-60.net

DNS records live

NS
  • ns-1488.awsdns-58.org
  • ns-1904.awsdns-46.co.uk
  • ns-478.awsdns-59.com
  • ns-999.awsdns-60.net
MX
Show 6 MX records
  • 10 mx1.santandergroup.c3s2.iphmx.com
  • 10 mx2.santandergroup.c3s2.iphmx.com
  • 50 mx1.hc5532-55.iphmx.com
  • 50 mx2.hc5532-55.iphmx.com
  • 90 mx1.hc6154-33.iphmx.com
  • 90 mx2.hc6154-33.iphmx.com
Verified for
  • Google
  • Microsoft 365
  • Slack

Email authentication strong

SPF
v=spf1 exists:%{i}.spf.us.gruposantander.com exists:%{i}.spf.as.gruposantander.com -all
strict (-all)
DMARC
v=DMARC1; p=reject; fo=1; ri=3600; rua=mailto:santander@rua.dmp.cisco.com,mailto:postmanagerdmarcopen@produban.com; ruf=mailto:santander@ruf.dmp.cisco.com,mailto:postmanagerdmarcopen@produban.com
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

Amazon RSA 2048 M04
from 2026-02-19 to 2026-09-05
Expires in 107 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.openbankpay.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; default-src 'self' *.zinia.com *.openbankpay.com; script-src 'self' *.zinia.com *.openbankpay.com 'unsafe-inline' 'unsafe-eval' snap.licdn.com https://maps.googleapis.com https://browseranalytic.com https://www.google.com *.gstatic.com tags.tiqcdn.com *.google-analytics.com https://*.g.doubleclick.net *.youtube.com *.googleadservices.com *.facebook.net *.ytimg.com api-ob.nd.nudatasecurity.com https://cdnjs.cloudflare.com *.googletagmanager.com *.we-stats.com static.browseranalytic.com bat.bing.com blob: unpkg.com www.googleoptimize.com; connect-src 'self' *.zinia.com *.openbankpay.com *.google-analytics.com *.we-stats.com *.biocatch.com lib-eu-1.brilliantcollector.com op.browseranalytic.com *.google.com *.googleapis.com *.googlesyndication.com https://*.g.doubleclick.net bat.bing.com cdn.linkedin.oribi.io https://dpm.demdex.net *.zinia.de; style-src 'self' *.zinia.com *.openbankpay.com 'unsafe-inline'; img-src 'self' *.zinia.com *.openbankpay.com px.ads.linke
strict-transport-security
max-age=31536000; includeSubDomains; preload

Linked from (1)