leisurepay.io

.io crawl

First seen 2026-04-27 · Last seen 2026-05-16 · ok HTTP/1.1 200 1259 ms crawled 2026-05-20

US · 172.67.73.170 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: High Risk Payment Processing | High-Risk Merchant Accounts | LeisurePay
Description: LeisurePay provides cannabis payment processing and high-risk merchant accounts for dispensaries, CBD, kratom, sweepstakes, nightclubs and digital courses. Card, ACH, Check 21, and crypto. Same day approval. Rates from 0.25%.
Language: en
Canonical: https://leisurepay.io/

Open Graph

url: https://leisurepay.io/
title: High-Risk Payment Processing | High-Risk Merchant Accounts | LeisurePay
description: The high-risk merchant account built for cannabis dispensaries, CBD merchants, sweepstakes platforms, kratom, nightclubs, and digital courses. Card, ACH, Check 21, crypto. Same day approval.

Technology

CDN: Cloudflare

Fonts

Google Fonts

Third-party hosts loaded (3)

fonts.googleapis.com×2
cdn.jsdelivr.net×1
fonts.gstatic.com×1

Contact

Phone

(888) 538-4404

DNS records live

NS

elliot.ns.cloudflare.com
sandy.ns.cloudflare.com

MX

Show 6 MX records

1 aspmx.l.google.com
1 smtp.google.com
10 aspmx2.googlemail.com
10 aspmx3.googlemail.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

Verified for

Anthropic
Google
Meta
Microsoft 365

Email authentication strong

SPF

v=spf1 include:_spf.google.com include:_spf.safewebservices.com include:leisurepay.org -all

strict (-all)

DMARC

v=DMARC1; p=quarantine;

policy: quarantine

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ16UQxiYPkOOoMYQUwTWmOU/NtDqvrfqHi70tqJVa5jhfzAtEAoqQGeyfkWVtrCKeTvJQd5sQjC8Y…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYLsnp3wT4LPE6i9UyfOiQVoLgBqtoMHe9OVCrU00TGIPFalLJDNVV44GDZgYb3cFMgQ3yCJV4anhgh26m…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MvxGix/eU5GM/qeReD9J9GaNxY0E+X3X49oEj76LlNHFFsgxAHMCLPO4XPspWzpU4HEL+edzqZrNYsQ4e…

selectors probed

Certificate (current)

WE1

from 2026-04-12 to 2026-07-11

Expires in 52 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://leisurepay.io/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: camera=(), microphone=(), geolocation=(), payment=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dashboard.turbolead.ai https://cdn.jsdelivr.net https://esm.sh https://prod.spline.design https://unpkg.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com https://esm.sh https://prod.spline.design https://unpkg.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://mlpy7-production.up.railway.app https://api.emailjs.com https://api.ipify.org https://hmkesunbafgvpwmcbmjp.supabase.co https://esm.sh https://prod.spline.design https://unpkg.com https://cdn.jsdelivr.net https://px.0o0o.io; img-src 'self' blob: data: https:; frame-src 'none'; object-src 'none'; base-uri 'self';
strict-transport-security: max-age=31536000; includeSubDomains

Links to (1)

lpynetwork.com×2

Linked from (1)

leisurepay.org×1