indexo.dev

borniak.com

.com crawl

First seen 2026-04-19 · Last seen 2026-05-19 · ok HTTP/1.1 200 7547 ms crawled 2026-05-13

FR · 51.75.55.29 · AS16276 OVH SAS

Reputation 100/100

Classifying

HTML metadata

Title
Manufacturer of smokehouses and accessories for smoking, home smoking with hot smoke, cold smoke - Borniak
Description
Borniak smokers and accessories – an easy way to smoke meat, fish and cheese at home. Enjoy reliable quality and natural flavour.
Language
en

Technology

Server
nginx
CMS
Gatsby
Analytics
  • Google Tag Manager
Social widgets
  • YouTube Embed

Third-party hosts loaded (2)

  • www.googletagmanager.com×1
  • www.youtube.com×1

Social

Contact

Email
Phone
Address
Al. Niepodleglosci 41, 78-449, Borne Sulinowo, PL

Registration

Registrar
OVH sas
Created
2005-10-21
Expires
2026-10-21 154 days left
Updated
2026-02-26
Name servers
  • dns200.anycast.me
  • ns200.anycast.me

DNS records live

NS
  • dns200.anycast.me
  • ns200.anycast.me
MX
  • 1 mail.borniak.pl
TXT
Show 5 TXT records
  • google-site-verification=D7tsNg21PvxqnX8htnffok3FFcvKs_CyYRuBbjwTN90
  • 1|www.borniak.com
  • brevo-code:5c879c5beca4ae2c651b5997fad5b5e2
  • MS=ms61390047
  • apple-domain-verification=vGTnyS6kb3ITiWI8

Email authentication strong

SPF
v=spf1 a mx a:mail.borniak.pl ip4:51.83.214.244 ip6:2001:41d0:602:251d:0:0:0:0 include:borniak.pl -all
strict (-all)
DMARC
v=DMARC1;p=reject;rua=mailto:abuse@borniak.com;sp=reject;aspf=s;
policy: reject (enforced) · sp=reject
DKIM
  • default: v=DKIM1;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCyOApxPO9XLuVHNOLBIJh2GKjhIKCsgBzaaQPwQdsHPecPTDCwiX0XgI1Wl/V8QMVc9jPO5YAL9c9IaOUBLEjG9N5Lkp…
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current)

R12
from 2026-03-27 to 2026-06-25
Expires in 36 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://borniak.com/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com www.paypalobjects.com static.payu.com *.cloudflare.com *.cloudflare.net *.cloudfront.net *.fontawesome.com *.twitter.com *.twimg.com *.trustedshops.com *.googleapis.com *.borniak.pl borniak.pl fabrity.borniak.pl *.addsauce.com *.revolut.com *.paypal.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.amazon.com https://widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.twitter.com *.revolut.com secure.payu.com secure.snd.payu.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com *.amazon.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtu

Links to (8)

Linked from (3)