allpay.net

HTML metadata

Title

The Ultimate Payments Solution | allpay Limited

Description

allpay provides payment solutions including direct debit, internet, credit, debit and prepaid cards to public and private sectors.

Language

en-GB

Canonical

https://www.allpay.net/

Feeds

allpay » Feed RSS

Open Graph

url: https://www.allpay.net/
title: Home
locale: en_GB
site name: allpay
description: allpay provides payment solutions including direct debit, internet, credit, debit and prepaid cards to public and private sectors.

Technology

CDN: Azure Front Door
CMS: WordPress

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Contact

Phone

459 5179 47

Registration

Registrar

Tucows Domains Inc.

Created

2000-01-05

Expires

2027-01-05 231 days left

Updated

2025-12-07

Name servers

ns1-05.azure-dns.com
ns2-05.azure-dns.net
ns3-05.azure-dns.org
ns4-05.azure-dns.info

DNS records live

NS

ns1-05.azure-dns.com
ns2-05.azure-dns.net
ns3-05.azure-dns.org
ns4-05.azure-dns.info

MX

10 eu-smtp-inbound-1.mimecast.com
10 eu-smtp-inbound-2.mimecast.com

TXT

Show 11 TXT records

2kQm+maVj9j1aAPOBGyFuWv/4NhPtgmyB8LwyDLRzpk
access-domain-verification=2d0966cc64f9b095b8a4e3c0c7c7a3c277f043060ad4627125618a52edb86367
Rzt6b0AmHZOnJlgQN9uB6LEIiUJlzuy/e7m5ZScfpO0=
LUXXHnKgGSp3gznKrERmxs6wDP9hQBzQw8P4Z8nrAiQ=
google-site-verification=QoGjgrFbP5levwkCWjvBvuV3FN5tobnikh-LavZsUNE
_globalsign-domain-verification=l9m9TTLt_ikvxZgZupufpOdvIWRypo7bNKyaRCEgvV
ms-domain-verification=61555ea7-d98b-401f-af1c-b257154554eb
0gBVEnDYZ/vIFg84Egci84vEMceG4E9XdqqPj7SOOwXAL6On+zWAqy+9bhEBgCRwikJDdy4qOYfD/uX4vkceDw==
tf/Xn7sEU5IrrUySbAceNoT9ejYyDjc1NQrcE84dXvI=
jZxTkT6V8BvQ103DL1tp95iGqeurv4upXKekpKA8wqM=
17/tFrKRxfQPU1vK+QnMiGUWjHFtSE7jWSQhrdpl66c=

Email authentication strong

SPF

v=spf1 ip4:82.71.195.1 ip4:212.62.25.3 ip4:213.129.93.83 ip4:159.183.195.150 include:eu._netblocks.mimecast.com include:amazonses.com include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:dmarc_agg@vali.email; fo=1

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8y7z4t46BqDeYWUAZ2Z5ld77j13bR5oX/IbMP744JBGXJYiJ6L07Ez7LI/PRbDq+CxvfWWFgmWy8i4/IWYM…
k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1O2dITZp+OLZGC7p62nkRfVS59WvClZO2iRfjmKQAZ9Hi5Lc/AMm3HdoNJs0iywDH0y2aE1Xgpw+BK7gd5…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnj8RfiAB/AzF+CxrFNUETwsgOSEpvYKKrjlgKvkW4Qy+wNJnwwQesqJCbtgB9NAJtp/sPRiUQdWjZTFQ3y…

selectors probed

Certificate (current)

R13

from 2026-04-04 to 2026-07-03

Expires in 45 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.allpay.net/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
weak frame protection
weak content type protection
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' https: wss:; img-src 'self' https: data: blob:; script-src 'self' https: blob: wss: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; font-src 'self' https: data:; worker-src 'self' https: blob: wss:; frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin