indexo.dev

sanabil.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-06 · ok HTTP/1.1 200 11823 ms crawled 2026-05-08

SA · 88.85.238.166 · AS29684 Nour Internet Company for Communications and Information Technology Ltd.

Reputation 100/100

Classifying

HTML metadata

Title
SANABIL
Language
en

Technology

Analytics
  • Google Tag Manager
Fonts
  • Google Fonts
Third-party hosts loaded (7)
  • api.tomtom.com×2
  • cdn.jsdelivr.net×2
  • fonts.gstatic.com×1
  • maps.googleapis.com×1
  • unpkg.com×1
  • www.google.com×1
  • www.googletagmanager.com×1

Registration

Registrar
GoDaddy.com, LLC
Created
2002-04-24
Expires
2028-04-24 705 days left
Updated
2025-01-16
Name servers
  • pdns05.domaincontrol.com
  • pdns06.domaincontrol.com

DNS records live

NS
  • pdns05.domaincontrol.com
  • pdns06.domaincontrol.com
MX
  • 10 mail.sanabil.com
  • 20 mail1.sanabil.com
TXT
Show 5 TXT records
  • yswfsk9br54f0q48pmkgt0j77sr6njbn
  • ms-domain-verification=234cb795-401e-4540-a174-747045380fbd
  • google-site-verification=KaU69gsafeY-OaBW1CW86xLzAI5euw8Bo2nNhFMgMoY
  • v=verifydomain MS=9794999
  • ksgdec4rnpellle7erj349j23r

Email authentication strong

SPF
v=spf1 a mx ip4:88.85.238.163 ip4:185.10.115.116 include:spf.protection.outlook.com include:dxh3m1cppc.powerspf.com -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:351fb8wbw9@rua.powerdmarc.com,mailto:haseen@rua.dmarc.gov.sa,mailto:dmarc@sanabil.com,mailto:cybercare@sanabil.com; ruf=mailto:351fb8wbw9@ruf.powerdmarc.com,mailto:haseen@ruf.dmarc.gov.sa,mailto:dmarc@sanabil.com,mailto:cybercare@sanabil.com
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2026-03-05 to 2026-09-20
Expires in 123 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.sanabil.com/en/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing content type protection
  • missing Permissions Policy
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://unpkg.com https://api.tomtom.com https://*.sanabil.com https://sanabil.com/Attachments/Flags/ https://www.google.com https://maps.gstatic.com https://www.gstatic.com https://maps.googleapis.com https://fonts.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://fonts.gstatic.com data:;
strict-transport-security
max-age=31536000; includeSubDomains

Linked from (1)