cpop.pl — domain check, WHOIS, DNS & reputation

HTML metadata

Title: Centrum Pomocy Osobom Poszkodowanym
Description: Przez kompleksową rehabilitację medyczną, społeczną i zawodową osób ciężko poszkodowanych w wypadkach do ich jak najszybszego powrotu do życia – to nasza misja. Celem CPOP jest realizowanie najwyższej jakości usług w zakresie rehabilitacji w sposób odpowiedzialny i optymalny zarówno dla poszkodowanych, jak i ubezpieczycieli.
Language: pl-PL
Generator: Astro v4.16.9

Technology

Server: Unknown

Third-party hosts loaded (2)

cdn.jsdelivr.net×1
www.google.com×1

Social

Contact

Phone

+48585556706

DNS records live

NS

ns1.ergohestia.pl
ns2.ergohestia.pl

MX

10 cpop-pl.mail.protection.outlook.com

TXT

lD+okV/yRGqPZbboaIroR/yUeEwdpY0yXEBqkyWmwHJiJYFPcRny7JeawKt7r2fclOlzoBAxHys4pAjE0hhU+g==

Verified for

Microsoft 365

Email authentication weak

SPF

v=spf1 mx ip4:91.198.179.205 ip4:91.198.179.207 ip4:95.211.12.242 ip4:198.37.152.229 ip4:91.198.179.73 ip4:91.198.179.74 ip4:51.38.151.72 include:spf.protection.outlook.com -all

strict (-all)

DMARC

not published

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9N/g52QWACUD5vQsPXFD/jb/U/E5pVo0Qb385etXLme1LfWnHGfmstZ118tfMPvfQWl/IZl7ZuwG3c+VAWK…
selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUNTYGB/j7yILMvgpG7/cmIWXeC7rXbIh0TpPkMkfr3y+NXKFzNLIuWKs2W0t9HImdISni9bueinEAjyHULZ…

selectors probed

Certificate (current)

GeoTrust TLS RSA CA G1

from 2026-05-06 to 2026-11-21

Expires in 173 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://cpop.pl/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: origin-when-cross-origin
x-frame-options: DENY
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(*), geolocation=(*), gyroscope=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=()
x-content-type-options: nosniff
content-security-policy: script-src-elem 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.googleapis.com https://cdn.jsdelivr.net https://www.youtube.com https://player.vimeo.com https://www.googletagmanager.com https://sfwtepsfr.ergohestia.pl https://*.google-analytics.com https://*.ergohestia.pl https://skk.erecruiter.pl https://*.google.com https://www.googleadservices.com https://unpkg.com https://*.googlecode.com https://*.hotjar.com https://*.hotjar.io https://connect.facebook.net https://googleads.g.doubleclick.net https://www.gstatic.com http://platform.twitter.com https://*.vimeocdn.com https://*.3way.pl https://www.youtube-nocookie.com https://*.cloudflare.com https://*.googlesyndication.com https://*.doubleclick.net https://dc.cux.io https://cdn.cookielaw.org https://img.youtube.com https://static.cloudflareinsights.com https://*.cookieyes.com https://cdn-cookieyes.com https://analytics.tiktok.com https://tagmanager.google.com https://www.gstatic.com https://sc-static.net https://*.licdn.com htt
strict-transport-security: max-age=2592000; includeSubDomains
cross-origin-opener-policy: same-origin

Links to (3)

Linked from (2)

mtu.pl×1
ergohestia.pl×1