indexo.dev

paynow.pl

.pl crawl

First seen 2026-05-24 · Last seen 2026-05-29 · ok HTTP/1.1 200 557 ms crawled 2026-05-29

NL · 51.105.225.233 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title
Paynow
Description
Nowa najszybsza bramka płatności, która najszybciej wypłaca Twoje pieniądze.
Language
en
Generator
React Static

Open Graph

url
https://www.paynow.pl
title
Paynow | Nowa bramka płatności od mBanku
description
Paynow to darmowa rejestracja i tylko 0,95% prowizji od transakcji bez konieczności negocjacji i deklarowanej kwoty obrotu. Doświadczenie w tworzeniu produktów dla jednego z największych banków w Polsce pozwoliło nam stworzyć proste i intuicyjne narzędzie.

Technology

Server
istio-envoy
CMS
Joomla
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • pwstageassetstorage.blob.core.windows.net×10
  • www.googletagmanager.com×2

DNS records live

NS
  • ns1-09.azure-dns.com
  • ns2-09.azure-dns.net
  • ns3-09.azure-dns.org
  • ns4-09.azure-dns.info
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
Verified for
  • Dynamics 365
  • Google

Email authentication strong

SPF
v=spf1 include:_spf.emaillabs.net.pl include:_spf.google.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dmarc@paynow.pl; ruf=mailto:dmarc@paynow.pl; sp=quarantine; fo=1; pct=100
policy: quarantine · sp=quarantine
DKIM
no key found at common selectors

Certificate (current)

DigiCert EV RSA CA G2
from 2026-05-11 to 2026-11-26
Expires in 178 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://paynow.pl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(),payment=()
x-content-type-options
nosniff
content-security-policy
default-src 'none'; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' 'nonce-S3xSM/nmMjkNx3YjDpUDaDJRmWXhOUd44/RamhugqWI=' 'unsafe-inline' https://www.googletagmanager.com https://connect.facebook.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://pwstageassetstorage.blob.core.windows.net https://raw.githubusercontent.com https://www.google-analytics.com; font-src 'self' https://fonts.gstatic.com https://static.paynow.pl data: ; connect-src 'self' https://sentry.io https://www.google-analytics.com https://stats.g.doubleclick.net; media-src 'self' data: https://pwstageassetstorage.blob.core.windows.net; object-src 'none'; child-src 'none'; frame-src https://www.youtube.com; worker-src 'none'; frame-ancestors 'none'; form-action 'self'; base-uri 'none'; manifest-src 'self'; report-uri https://sentry.io/api/1442554/security/?sentry_key=98205a64726849b88d9f1e23d10066ed&sen
strict-transport-security
max-age=31536000; includeSubDomains

Linked from (2)