alabsport.pl
alabsport.pl
HTML metadata
Technology
- CDN
- Amazon CloudFront
- Server
- nginx
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (4)
- alablaboratoria.user.com×1
- wrap.tradedoubler.com×1
- www.facebook.com×1
- www.googletagmanager.com×1
Social
Contact
- Address
- ul. Stępińska 22/30, 00-739, Warszawa, PL
DNS records live
- NS
-
- ns-1014.awsdns-62.net
- ns-137.awsdns-17.com
- ns-1383.awsdns-44.org
- ns-1981.awsdns-55.co.uk
- TXT
-
mojecertpl-site-verification-xGAU7QYOw9yZ2mTGnLhBbUUWIRHb2hpO
Email authentication no MX
- SPF
-
v=spf1 ip4:81.15.155.11 include:spf.protection.outlook.com include:_spf.mail03-userengage.com mx a ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=quarantine; sp=quarantine;policy: quarantine · sp=quarantine - DKIM
- no key found at common selectors
Certificate (current)
Amazon RSA 2048 M01
Expires in 185 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
camera=(), microphone=(), geolocation=(self), payment=(), usb=(), accelerometer=(), gyroscope=(), magnetometer=(), fullscreen=(self)- x-content-type-options
nosniff- content-security-policy
default-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob:; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; media-src 'self' https: data: blob:; connect-src 'self' https: wss: data: blob:; frame-ancestors 'self'; frame-src 'self' https:; base-uri 'self'; form-action 'self' https:- strict-transport-security
max-age=63072000; includeSubDomains; preload
Links to (9)
Linked from (1)
- alab.pl×1