indexo.dev

stbunion.com

.com crawl

First seen 2026-05-29 · Last seen 2026-05-29 · ok HTTP/1.1 200 462 ms crawled 2026-05-31

US · 3.164.206.74 · AS16509 Amazon.com, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title
STB Union: Fintech for People
Description
We make transfers and payments handy for you.
Language
en
Canonical
https://stbunion.com/transfers
Translations
  • en
  • he
  • ru

Open Graph

url
https://stbunion.com/
title
STB Union: Fintech for People
site name
STB Union
description
We make transfers and payments handy for you.

Technology

CDN
Amazon CloudFront
Server
AmazonS3
jQuery
3.5.1
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • maps.googleapis.com×1
  • www.googletagmanager.com×1

Social

Contact

Email
Phone

Registration

Registrar
Amazon Registrar, Inc.
Created
2013-08-26
Expires
2031-08-26 1910 days left
Updated
2026-05-16
Name servers
  • ns-1172.awsdns-18.org
  • ns-1613.awsdns-09.co.uk
  • ns-75.awsdns-09.com
  • ns-921.awsdns-51.net

DNS records live

NS
  • ns-1172.awsdns-18.org
  • ns-1613.awsdns-09.co.uk
  • ns-75.awsdns-09.com
  • ns-921.awsdns-51.net
MX
  • 0 stbunion-com.mail.protection.outlook.com
TXT
  • atlassian-sending-domain-verification=0438e83a-f40a-4e60-b0b6-0a767fe0c0fb
  • hello
Verified for
  • Atlassian
  • Google
  • Microsoft 365

Email authentication partial

SPF
v=spf1 ip4:62.56.224.242 a mx include:spf.protection.outlook.com include:spfa.cpmails.com -all
strict (-all)
DMARC
v=DMARC1; p=none; pct=100; rua=mailto:report@stbunion.com
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

Amazon RSA 2048 M01
from 2025-10-22 to 2026-11-20
Expires in 170 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://stbunion.com/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
connect-src 'self' data: *.ingest.sentry.io *.sentry.io https://*.google-analytics.com https://*.intercom.io https://*.stbagent.com https://api2.amplitude.com https://firebaseinstallations.googleapis.com https://identitytoolkit.googleapis.com https://maps.googleapis.com https://securetoken.googleapis.com https://static.intercomassets.com https://storage.googleapis.com https://uploads.au.intercomcdn.com https://uploads.eu.intercomcdn.com https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.intercomusercontent.com https://us-central1-maximal-boulder-207512.cloudfunctions.net wss://*.intercom.io wss://*.stbagent.com; frame-ancestors https://*.qlik.com https://*.stbagent.com https://*.stbunion.com https://icom.yaad.net https://pay.cardstandard.ru https://secure.cardcom.solutions https://stb.eu.qlikcloud.com https://stb.mncho.co/ https://stbunion.com; frame-src https://*.credorax.com https://*.credorax.net https://*.qlik.com https://*.stbagent.com https://*.stbunio

Links to (5)

Linked from (1)