inpost.co.uk

HTML metadata

Title: InPost | Parcel Locker & Shop Service
Description: InPost offer an affordable and easy-to-use parcel locker service throughout the UK. Collect, send and return parcels quickly with contact-free delivery.
Language: en

Open Graph

url: https://inpost.co.uk/
title: InPost | Parcel Locker & Shop Service
locale: en_GB
site name: InPost
description: InPost offer an affordable and easy-to-use parcel locker service throughout the UK. Collect, send and return parcels quickly with contact-free delivery.

Technology

CDN: Cloudflare
CMS: Next.js

Analytics

Cloudflare Insights
Google Tag Manager

Third-party hosts loaded (2)

static.cloudflareinsights.com×1
www.googletagmanager.com×1

Social

Contact

Address: st a lockerPress EnquiriesTax Strategy PaperCareersTrustpilotTrustpilotCopyright 2026

Registration

Registrar

Key-Systems GmbH

Created

2009-03-02

Expires

2027-03-02 286 days left

Updated

2026-02-06

Name servers

ns.easypack24.net.
ns.inpost.pl.
ns.integer.pl.
ns.paczkomaty.pl.

DNS records live

NS

dns-ns1-ext.easypack24.net
dns-ns2-ext.easypack24.net
dns-ns3-ext.easypack24.net
dns-ns4-ext.easypack24.net

MX

10 inpost-co-uk.mail.protection.outlook.com
20 inpost-co-uk.mail.protection.outlook.com

TXT

Show 18 TXT records

google-site-verification=wZWhcj8T_jTcxzwugIx4Q2CoWLY9gGEz76Zr8_EWOOE
stripe-verification=a2837c30a330fc4068c8e3005568acb7593985ec8095c957c2e1cbb06190e990
_9j51r37hmeya7mwwussfsg37s2y3q97
google-site-verification=ZxdohF-hVl0kEMMl_3HweNMar4CkhM1pb0_W-BL25qE
google-site-verification=G6GXImk8HUqTQMaszIvboXcOlyNep-IR_bVprWoRUNI
knowbe4-site-verification=ff21af3ba6a72311af7b1047048412cf
_g7zgcizufl65e3esjko0sad3cr0z2q2
google-site-verification=cGlf_61JiRwSIsnl07siwgtaIWfbh4WIXANujeZwC1w
openai-domain-verification=dv-cynxk33QBpVTQTBQfQL28Yul
_ocmsr5ulqdbj5nva86d676e7mx0kx4i
intersight=38706e0adf7f56e90eecb4da311757bdb4b368f387dbce0797a03b97798ab4ff
apple-domain-verification=Clhmqm5k898z0OkG
anthropic-domain-verification-0mq7nd=tTNP9dFjUcgZFVTUABztfB5yK
s5Km0YbMrg1RYHbNhvASq08DXzF0IAmQRO5vR/TqsTZIfs+rjZBc3mpsdTHYFLc5k6BFS4MMWdQTZ2a7ouK/DA==
zapier-domain-verification-challenge=79d468b1-2ea5-4ecf-918d-f6f5eee5dbdd
MS=ms83544308
knowbe4-site-verification=d2772491917f47fa297f44f837083663
twilio-domain-verification=166edc488ba62cf3290b534d0a267bd2

Email authentication strong

SPF

v=spf1 a mx ip4:91.216.25.0/24 ip4:89.187.121.83 ip4:80.69.6.92 include:spf.protection.outlook.com include:spf-de.emailsignatures365.com include:8716685.spf07.hubspotemail.net include:amazonses.com include:mail.zendesk.com ~all

softfail (~all)

DMARC

v=DMARC1;p=quarantine;rua=mailto:dmarcreports@inpost.co.uk,mailto:dmarc_agg@vali.email;ruf=mailto:dmarcreports@inpost.co.uk;

policy: quarantine

DKIM

Show 6 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArD9Th74BpaRBhOarduNeKA69+2yS/l+dOCnmTpUbdmw7K9FItlp0s3c2tLsKzp6W9PpttDH2QrYzgz…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVBBitCX8zQPM5wmAs1jX5E03rui9OnYM4nas2JYwf7t/i+w9VKOr17PQgKuH/t3EokQIltKRBfn4S…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
dkim: v=DKIM1; h=sha256; k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKkSdYlHLCyjF2nlgu9PREe5V86hJtYW/+ra1kkZLxXLKCQP07Bu4N8u7EsufruwdFsLK…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnorZ5A0SgeM9UcC4Bf11G4lHWTDSwCELJZ4sNpqwGzGwPT7rjv0uKVDfVrEtYkp6nDv5AVkCfMNsjAV9zo…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEz7vlbPAPxl0Q0mSeiQ8fMajT7HkmJxuSXQuqQC8badCZp2UbtuD91xhTBWq7O67D/yhJLY2UaE/V1fcMuYeZyl…

selectors probed

Certificate (current)

E8

from 2026-05-06 to 2026-08-04

Expires in 76 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://inpost.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak content type protection
missing Permissions Policy

Header values

referrer-policy: no-referrer
x-frame-options: DENY
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'none';manifest-src 'self' cxp.inpost.co.uk;media-src data:;script-src * 'unsafe-inline' 'unsafe-eval' cxp.inpost.co.uk *.snrcdn.net;worker-src 'self' blob: cxp.inpost.co.uk;connect-src * cxp.inpost.co.uk api.synerise.com;img-src * data: cxp.inpost.co.uk *.snrs.it *.synerise.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com assets.teamtailor-cdn.com www.gstatic.com static.zdassets.com cxp.inpost.co.uk;base-uri *;form-action 'self' forms.hsforms.com;frame-src 'self' challenges.cloudflare.com widget.trustpilot.com www.google.com www.googletagmanager.com cl.avis-verifies.com player.vimeo.com youtube.com www.youtube.com consentcdn.cookiebot.com fls.doubleclick.net inpost.chat.getzowie.com forms.hsforms.com *.fls.doubleclick.net td.doubleclick.net js.stripe.com inpost-uk.chat.getzowie.com cxp.inpost.co.uk *.snrbox.com;font-src 'self' fonts.googleapis.com assets.teamtailor-cdn.com www.gstatic.com static.zdassets.com fonts.gstatic.com cxp.inpost.co.uk *.snrcdn.net
strict-transport-security: max-age=31536000; includeSubDomains; preload