cdt.pl
cdt.pl
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Drupal
- Analytics
-
- Cloudflare Insights
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (5)
- fonts.googleapis.com×3
- fonts.gstatic.com×1
- static.cloudflareinsights.com×1
- www.google.com×1
- www.googletagmanager.com×1
Social
Contact
DNS records live
- NS
-
- leo.ns.cloudflare.com
- nelly.ns.cloudflare.com
- MX
-
- 5 mx1.pfr.pl
- 5 mx2.pfr.pl
- Verified for
-
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 mx include:spf.protection.outlook.com include:_spf.freshmail.pl -allstrict (-all) - DMARC
-
v=DMARC1; p=rejectpolicy: reject (enforced) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9ReDTHQuVn7nQUxKePoWoeeHWhYNilNZ05lJCmZ3yx1o1EenYiSjTQr1LFhPZ/EckqcLmbpoijlI8X…
selectors probed - selector1:
Certificate (current)
WE1
Expires in 32 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self' *.doubleclick.net *.googletagmanager.com *.google-analytics.com *.analytics.google.com *.optimizely.com *.facebook.com *.facebook.net adservice.google.com adservice.google.pl connect.facebook.net *.doubleclick.net *.fls.doubleclick.net fonts.googleapis.com fonts.gstatic.com www.gstatic.com *.googlesyndication.com https://unpkg.com www.googletagmanager.com www.google.com https://apps.mypurecloud.com https://enigma1.pfr.pl https://googleadservices.com https://hotjar.com *.gov.pl *.cludo.pl; script-src 'self' 'unsafe-inline' https://scripts.hotjar.com https://static.hotjar.com https://consentcdn.cookiebot.eu https://translate-pa.googleapis.com https://snap.licdn.com https://translate.googleapis.com https://translate.google.com https://www.gstatic.com https://www.google.com https://www.linkedin.com https://assets.mlcdn.com https://groot.mailerlite.com https://assets.mailerlite.com https://public.flourish.studio https://an.gr-wcon.com https://us-wbe.gr-cdn.com https://- strict-transport-security
max-age=15552001; includeSubDomains
Links to (22)
- youtube.com×1
- twitter.com×1
- tiktok.com×1
- strefawiedzypfr.pl×1
- pfrventures.pl×1
- pfrtfi.pl×1
- pfrportal.pl×1
- pfro.pl×1
- pfrnieruchomosci.pl×1
- pfr.pl×1
- parp.gov.pl×1
- paih.gov.pl×1
- mailerlite.com×1
- linkedin.com×1
- kuke.com.pl×1
- kuke-finance.pl×1
- instagram.com×1
- grupapfr.pl×1
- fundacjapfr.pl×1
- facebook.com×1
- bgk.pl×1
- arp.pl×1