indexo.dev

kolekcja-hachette.pl

.pl crawl

First seen 2026-06-01 · Last seen 2026-06-02 · ok HTTP/1.1 200 697 ms crawled 2026-06-01

US · 104.18.2.221 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Kolekcja Hachette | Hachette Collections
Description
Kolekcja Hachette
Language
pl
Canonical
/pl-pl/
Translations
  • es ×5
  • fr ×3
  • en ×2
  • pt ×2
  • de
  • it
  • ja
  • pl

Technology

CDN
Cloudflare
Stack
PHP
Cookie consent
  • OneTrust
Fonts
  • Google Fonts
Third-party hosts loaded (15)
  • www.hachette-collections.com×3
  • www.hachettecollections.com×2
  • ar.salvat.com×1
  • br.salvat.com×1
  • cdn.cookielaw.org×1
  • co.salvat.com×1
  • fonts.googleapis.com×1
  • hachettepartworks.com×1
  • hcj.jp×1
  • mx.salvat.com×1
  • pe.salvat.com×1
  • pt.salvat.com×1
  • www.hachette.de×1
  • www.hachette.it×1
  • www.salvat.com×1

Social

DNS records live

NS
  • abdullah.ns.cloudflare.com
  • sloan.ns.cloudflare.com
MX
  • 1 mx1.mail.ovh.net
  • 100 mx3.mail.ovh.net
  • 5 mx2.mail.ovh.net

Email authentication partial

SPF
v=spf1 include:mailgun.org include:spf.protection.outlook.com include:de._netblocks.mimecast.com ~all
softfail (~all)
DMARC
v=DMARC1;p=none;sp=none;aspf=r;
policy: none (monitoring only) · sp=none
DKIM
no key found at common selectors

Certificate (current)

Cloudflare TLS Issuing ECC CA 3
from 2026-06-01 to 2026-08-30
Expires in 88 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://kolekcja-hachette.pl/pl-pl/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
Header values
permissions-policy
accelerometer=(), geolocation=(self), fullscreen=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(self)
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' *.clarity.ms *.telebalance.tv *.my-probance.one *.privacy-center.org *.cloudflareinsights.com *.criteo.com *.googlesyndication.com *.snapchat.com *.r66net.net *.amazon-adsystem.com *.paa-reporting-advertising.amazon sc-static.net *.adform.net rules.quantcount.com secure.quantserve.com js.adsrvr.org mpsnare.iesnare.com libs.hipay.com mpsnare.iesnare.com/time.mp3 cdn.sticky.io marketing.hachette-partworks.com cdn.wishpond.net/connect.js u.videostep.com analytics.tiktok.com www.clarity.ms static.r66net.com k.r66net.com ks.invibes.com www.paypalobjects.com tag.aticdn.net cdn3.actito.com/legacy/actito-goal/goal.js www.awin1.com www.dwin1.com www.paypal.com geolocation.onetrust.com fevoki.wejekihota.com apis.google.com cdn.cookielaw.org www.googletagmanager.com connect.facebook.net ws1.postescanada-canadapost.ca cdnjs.cloudflare.com cdn.doofinder.com cdn.hachette-collections.com www.google-analytics.com *.google.com sc
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (8)

Linked from (7)