indexo.dev

santanderglobalconfirming.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 1550 ms crawled 2026-05-18

US · 45.60.205.69 · AS19551 Incapsula Inc

Reputation 100/100

Classifying

HTML metadata

Title
Language
es

Technology

Third-party hosts loaded (1)

  • cdn.jsdelivr.net×2

Registration

Registrar
Tucows Domains Inc.
Created
2015-09-10
Expires
2026-09-10 113 days left
Updated
2025-07-23
Name servers
  • a1-49.akam.net
  • a11-67.akam.net
  • a12-65.akam.net
  • a14-67.akam.net
  • a2-65.akam.net
  • a9-65.akam.net

DNS records live

NS
  • a1-49.akam.net
  • a11-67.akam.net
  • a12-65.akam.net
  • a14-67.akam.net
  • a2-65.akam.net
  • a9-65.akam.net
TXT
  • globalsign-domain-verification=7157B373FDF8B00291B4731971720A54

Email authentication no MX

SPF
v=spf1 -all
strict (-all)
DMARC
v=DMARC1;p=reject;pct=100;fo=1;rua=mailto:santander@rua.dmp.cisco.com;ruf=mailto:santander@ruf.dmp.cisco.com;
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

GlobalSign Atlas R3 DV TLS CA 2026 Q2
from 2026-05-09 to 2026-08-07
Expires in 80 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.santanderglobalconfirming.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(), microphone=(), camera=()
x-content-type-options
nosniff
content-security-policy
default-src gateway.id.swg.umbrella.com *.paas.cloudcenter.corp *.dev.corp *.pre.corp *.gs.corp *.santandercib.com *.santanderglobalconfirming.com *.tradetopay.com 'self' 'unsafe-inline' data:; img-src * 'self' 'unsafe-inline' data:; script-src gateway.id.swg.umbrella.com *.paas.cloudcenter.corp *.dev.corp *.pre.corp *.gs.corp *.santandercib.com *.santanderglobalconfirming.com *.tradetopay.com https://cdn.jsdelivr.net https://www.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; connect-src gateway.id.swg.umbrella.com *.paas.cloudcenter.corp *.dev.corp *.pre.corp *.gs.corp *.santandercib.com *.santanderglobalconfirming.com *.tradetopay.com https://cdn.jsdelivr.net https://www.gstatic.com 'self' 'unsafe-inline' wss: data:; font-src gateway.id.swg.umbrella.com *.paas.cloudcenter.corp *.dev.corp *.pre.corp *.gs.corp *.santandercib.com *.santanderglobalconfirming.com *.tradetopay.com https://cdn.jsdelivr.net https://fonts.gstatic.com https://stordatamiupc.blob.core.windows.net https://at.a
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin

Linked from (1)