paypay.pt

.pt crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 1349 ms crawled 2026-05-30

PT · 193.43.40.154 · AS15525 Servicos De Comunicacoes E Multimedia S.A.

Reputation 92/100 weak subdomain policy

Classifying

HTML metadata

Title: PayPay - Secure Online Payment Solution
Description: Learn how PayPay makes it easy to receive payments via MB WAY, ATM and Credit/Debit Cards, with no monthly fees and no loyalty.
Language: en

Technology

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Contact

Email

Phone

707451451

DNS records live

NS

destiny.ns.cloudflare.com
skip.ns.cloudflare.com

MX

10 mail.paypay.pt

TXT

pardot969993=f544173d7c65ec2dc43ea5cf90872ff06c860517a42b4aa52f5f9f35b03b3abc

Email authentication strong

SPF

v=spf1 a mx ip4:62.28.56.188 ip4:62.28.56.161 ip4:62.28.56.174 ip4:193.43.40.177 ip4:193.43.40.183 ip4:193.43.40.184 include:_spf.salesforce.com include:spf.mailjet.com -all

strict (-all)

DMARC

v=DMARC1;p=reject;pct=100;rua=mailto:sysadmin_dmarc_reports_l9yt2@paypay.pt; sp=none; aspf=s; adkim=s;

policy: reject (enforced) · sp=none

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunslOlHT1iHevU+Nuv+iWyXG8vx6GnBmJV6K/gae23x7cVOBOnepgI+FSfWLPM/M1Wd/hOowCrQU4T…

selectors probed

Certificate (current)

Sectigo RSA Domain Validation Secure Server CA

from 2025-10-22 to 2026-11-22

Expires in 174 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://paypay.pt/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: base-uri 'self';connect-src 'self' *.google-analytics.com *.analytics.google.com *.g.doubleclick.net *.google.com pagead2.googlesyndication.com *.googletagmanager.com *.googleadservices.com https://cdn.botpress.cloud/webchat/src/inject.ts https://cdn.botpress.cloud/webchat/v1/inject.css.map;default-src 'self';font-src 'self' data:;form-action 'self';frame-src 'self' td.doubleclick.net *.googletagmanager.com *.googleadservices.com www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ https://www.youtube.com/ https://cdn.botpress.cloud/webchat/v1/index.html;img-src 'self' *.google-analytics.com *.analytics.google.com *.g.doubleclick.net *.google.com pagead2.googlesyndication.com *.googletagmanager.com *.googleadservices.com data: blob:;media-src 'self';object-src 'none';script-src 'self' 'nonce-kVi6CeXccRMZ48lXoGy1HQ6FbVoVcE8u' *.google-analytics.com *.analytics.google.com *.g.doubleclick.net *.google.com pagead2.googlesyndication.com *.googletagmanager.com *.googleadservices.com www
strict-transport-security: max-age=63072000; includeSubDomains; preload;

Links to (8)

Linked from (2)

taxaturismo.pt×1
acin.pt×1