flytap.com

HTML metadata

Title

TAP Air Portugal | flyTAP Official Website

Description

TAP Air Portugal welcomes you on board! Explore destinations and the cheapest flights, learn all about check-in, meals and TAP Miles&Go benefits. Book now!

Language

en-fi

Canonical

https://www.flytap.com/en-fi

Translations

de-at
de-ch
de-de
en-ao
en-ar
en-at
en-be
en-br
en-ca
en-ch
en-ci
en-co
en-cv
en-cz
en-de
en-dk
en-ee
en-eg
en-es
en-fi
en-fr
en-gb
en-gh
en-gm
en-gn
en-gr
en-gw
en-hk
en-hr
en-hu
en-ie
en-il
en-it
en-lt
en-lu
en-lv
en-ml
en-mx
en-mz
en-nl
en-no
en-pa
en-pl
en-pt
en-ro
en-rs
en-ru
en-se
en-sk
en-st
en-tg
en-tn
en-tr
en-ua
en-us
en-uy
en-ve
en-za
es-ar
es-cl
es-co
es-es
es-mx
es-pa
es-us
es-uy
es-ve
fr-be
fr-ca
fr-ch
fr-ci
fr-dz
fr-fr
fr-gh
fr-gn
fr-lu
fr-ma
fr-ml
fr-sn
fr-tg
it-it
pl-pl
pt-ao
pt-ar
pt-at
pt-be
pt-br
pt-ca
pt-ch
pt-ci
pt-cl
pt-co
pt-cv
pt-cz
pt-de
pt-dk
pt-dz
pt-ee
pt-eg
pt-es
pt-fi
pt-fr
pt-gb
pt-gh
pt-gm
pt-gn
pt-gr
pt-gw
pt-hk
pt-hr
pt-hu
pt-ie
pt-il
pt-it
pt-lt
pt-lu
pt-lv
pt-ma
pt-ml
pt-mx
pt-mz
pt-nl
pt-no
pt-pa
pt-pl
pt-pt
pt-ro
pt-rs
pt-ru
pt-se
pt-sk
pt-sn
pt-st
pt-tg
pt-tn
pt-tr
pt-ua
pt-us
pt-uy
pt-ve
pt-za

Open Graph

url: TAP Air Portugal | flyTAP Official Website
title: TAP Air Portugal | flyTAP Official Website
locale: en-fi
description: TAP Air Portugal welcomes you on board! Explore destinations and the cheapest flights, learn all about check-in, meals and TAP Miles&Go benefits. Book now!

Technology

CDN: Cloudflare
CMS: Next.js

Analytics

Cloudflare Insights
Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (6)

assets.adobedtm.com×1
cdn.engagement.coremedia.cloud×1
fonts.googleapis.com×1
static.cloudflareinsights.com×1
universal-editor-service.adobe.io×1
www.googletagmanager.com×1

Social

Contact

Address: Lisbon Airport, 1704-801, Lisbon, Lisbon, Portugal

Registration

Registrar

EuroDNS S.A.

Created

1999-12-21

Expires

2030-12-21 1676 days left

Updated

2021-12-08

Name servers

ns1-09.azure-dns.com
ns2-09.azure-dns.net
ns3-09.azure-dns.org
ns4-09.azure-dns.info

DNS records live

NS

ns1-09.azure-dns.com
ns2-09.azure-dns.net
ns3-09.azure-dns.org
ns4-09.azure-dns.info

MX

10 flytap-com.mail.protection.outlook.com

TXT

Show 4 TXT records

google-site-verification=j9xZdpOAOZmiebDEvTHX86G4pfhP36iaWgCWCg9FfeQ
qmww82m8zbsb9s5q6c7nyt1fwngqr3d2
MS=ms79933070
8i57oLcbvWeiE9JtCHQMXINoIQbmJfelXAwwkw0xcoY=

Email authentication strong

SPF

v=spf1 ip4:91.198.90.24 ip4:91.198.90.25 ip4:91.198.90.26 ip4:91.198.90.27 ip4:91.198.90.28 ip4:91.198.90.156 ip4:82.150.225.79 ip4:171.17.133.140 include:_spfblock.salesforce.com include:_spfblock1.salesforce.com include:spf.protection.outlook.com include:_relay.amadeus.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:dmarc.report.failures@tap.pt; ruf=mailto:dmarc.report.failures@tap.pt; fo=1; sp=none;

policy: reject (enforced) · sp=none

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+8sS9lQXMo9HuYDZTLxhQ2cMZ30qiG0dKMIDDnorJ7qDQHZajqcPfQ7Xkav1XtvRvyALKHDR0TdC4W5L8…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDnPyMVvGejhZCLVtsd4/t8EdY4mm3oXCiYU2g7AuSTRTh46/3UkcE5NtTr1Riwg7ntGoNxaHuHZ3K50AcnwqsZPp…

selectors probed

Certificate (current)

E8

from 2026-03-28 to 2026-06-26

Expires in 38 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.flytap.com/en-fi

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP uses wildcard sources
weak frame protection

Header values

referrer-policy: no-referrer
x-frame-options: ALLOW-FROM *.adobe.net *.adobe.com *.amazoncognito.com
permissions-policy: browsing-topics=(*), accelerometer=(*), autoplay=(*), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(*), fullscreen=(*), geolocation=(*), gyroscope=(*), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(*), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(*), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(*), gamepad=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), unload=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' tags.creativecdn.com *.bing.net *.clarity.ms *.frizbit.com *.googleadservices.com *.securitytrfx.com *.sojern.com *.smartvel.com *.firebaseapp.com *.amazoncognito.com *.adobeaemcloud.com *.airtrfx.com *.everymundo.net; connect-src 'self' tags.creativecdn.com *.bing.net *.clarity.ms *.frizbit.com *.googleadservices.com *.googlesyndication.com www.googletagmanager.com *.securitytrfx.com *.sojern.com *.visualwebsiteoptimizer.com *.everymundo.net *.smartvel.com *.bing.com *.facebook.com *.facebook.net *.adobelogin.com booking.flytap.com *.experience.adobe.net *.doubleclick.net *.inside-graph.com *.google.com.br *.google.it *.google.pl *.google.fr *.google.de *.google.pt *.google.es *.onetrust.com *.cloudflare.com *.google-analytics.com *.adobeaemcloud.com *.adobe.com cdn.cookielaw.org *.experiencecloud.live *.googleapis.com *.google.com *.coremedia.cloud *.byside.com wss://wsa1.byside.com wss://eu-live.inside-graph.com *.firebaseapp.com *.airtrfx.com *.amazonaws.com *
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: same-origin
cross-origin-resource-policy: same-origin