indexo.dev

pathward.com

.com crawl dns

First seen 2026-04-17 · Last seen 2026-05-15 · ok HTTP/1.1 200 2764 ms crawled 2026-05-12

DE · 2.17.100.137 · AS20940 Akamai International B.V.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Powering Financial Inclusion | Pathward
Description
Pathward powers financial inclusion for all and is committed to providing a path for people and businesses to reach the next stage of their financial journey.
Language
en
Canonical
https://www.pathward.com/

Open Graph

title
Powering Financial Inclusion
locale
us_EN
description
Pathward powers financial inclusion for all and is committed to providing a path for people and businesses to reach the next stage of their financial journey.

Technology

CDN
Akamai
Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • assets.adobedtm.com×1
  • kit.fontawesome.com×1
  • www.google.com×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
GoDaddy.com, LLC
Created
2014-04-16
Expires
2028-04-16 698 days left
Updated
2026-04-17
Name servers
  • a1-205.akam.net
  • a11-66.akam.net
  • a2-67.akam.net
  • a22-64.akam.net
  • a6-65.akam.net
  • a7-66.akam.net

DNS records live

NS
  • a1-205.akam.net
  • a11-66.akam.net
  • a2-67.akam.net
  • a22-64.akam.net
  • a6-65.akam.net
  • a7-66.akam.net
MX
  • 10 pathward-com.mail.protection.outlook.com
TXT
Show 13 TXT records
  • knowbe4-site-verification=35eaa6b811d97d463d2717ff5f767bbe
  • jamf-site-verification=8IZUMrOLZNSK8XKDuY337A
  • onetrust-domain-verification=c8040beaad434e95a0e3456b9ca098f5
  • docusign=fed5f383-b566-47d9-9223-4a9f751485fa
  • docusign=9ec94e26-f12f-4ade-86b4-028669f3537a
  • urn:auth0:matillion:pathward-company-com-saml
  • google-site-verification=BDO42ruigYsV98tqS0Ufk2ZKuhRUEdLsjG1E1IgP4Q8
  • 00d5e000003tpzzeak
  • _4m25pyzsevtnm8s0yjvmvhhiidjnxbo
  • 21e2297786314c41b82d84a5d33127cc
  • adobe-idp-site-verification=984e99271eb5130db7127a93c232125c7bc111e91a8bac78b05ed964965e67e0
  • MS=ms11376161
  • apple-domain-verification=m1blfLFayJKxMSYq

Email authentication partial

SPF
v=spf1 mx include:spf.protection.outlook.com include:gateways.firstdata.com exists:%{i}._spf.mta.salesforce.com include:spf1.pathward.com include:spf.cashedge.com ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:dmarc@pathward.com,mailto:dmarc_agg@vali.email; ruf=mailto:security@pathward; fo=1
policy: none (monitoring only)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvikxtl0PZHkutLOt+o1Xrzo2UH2g5uFRJa8dxNRSrpfhpX92kIZI3JhWwXP+d3GQ6T6oaK2eesF5Wa…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxbZ6uYTtdJJfMwBod84t2A6mJyD/E+Xe/i88TuoFKcwwQyBeaeKXAJPj/XnfCrnkYYwIAervO3v+6kpo/…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8Lz/TsmyTMZIdT0NLBURgWCCAWyMKQMALlce4sz1M4Cgu9xuYUqj/nOs/dkerCuRRJSF0/X80/EfCdi/N…
selectors probed

Certificate (current)

DigiCert Global G3 TLS ECC SHA384 2020 CA1
from 2026-01-20 to 2026-12-23
Expires in 218 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.pathward.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN, SAMEORIGIN
permissions-policy
accelerometer=(), battery=(), bluetooth=(), camera=(), display-capture=(), gamepad=(),gyroscope=(), magnetometer=(), microphone=(), midi=(),picture-in-picture=(),serial=(),speaker-selection=(),usb=(),xr-spatial-tracking=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pathward.com www.google.com www.googleadservices.com www.gstatic.com www.googletagmanager.com assets.adobedtm.com *.go-mpulse.net cdn.cookielaw.org *.vimeocdn.com *.marketo.net *.doubleclick.net *.vimeo.com *.libsyn.com; style-src 'self' 'unsafe-inline' *.pathward.com https://cdn.fonts.net www.gstatic.com *.vimeocdn.com; img-src 'self' data: *.pathward.com *.112.2o7.net *.doubleclick.net www.googletagmanager.com *.cookielaw.org www.gstatic.com *.vimeocdn.com; connect-src *.cookielaw.org *.pathward.com *.go-mpulse.net www.google.com www.google-analytics.com https://google.com *.mktoresp.com *.akstat.io *.vimeo.com *.vimeocdn.com *.akamaihd.net *.akamaized.net *.demdex.net; frame-src 'self' *.pathward.com www.google.com www.googletagmanager.com *.googletagmanager.com *.doubleclick.net *.vimeo.com *.zoom.us zoom.us *.libsyn.com *.doubleclick.net *.demdex.net; font-src 'self' *.pathward.com *.gstatic.com; media-src 'self
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (4)

Linked from (4)