kpo.gov.pl
kpo.gov.pl
HTML metadata
Technology
- Server
- Apache
- Stack
- ASP.NET
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (1)
- www.googletagmanager.com×2
Social
DNS records live
- NS
-
- ns1.mrr.gov.pl
- ns2.mrr.gov.pl
Email authentication no MX
- SPF
-
v=spf1 -allstrict (-all) - DMARC
-
v=DMARC1;p=reject;sp=reject;rua=mailto:raporty.dmarc@mfipr.gov.plpolicy: reject (enforced) · sp=reject - DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 8 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' static.inteliwise.com fonts.googleapis.com *.googletagmanager.com; img-src 'self' data: syndication.twitter.com www.facebook.com *.tile.openstreetmap.org www.gravatar.com *.googletagmanager.com *.google-analytics.com *.google.com www.google.pl cdn.livechat-files.com *.g.doubleclick.net *.gstatic.com fonts.gstatic.com px.ads.linkedin.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.addthis.com *.addthisedge.com static.addtoany.com z.moatads.com *.googletagmanager.com maps.googleapis.com platform.twitter.com *.facebook.net www.google-analytics.com *.livechatinc.com *.livechat.com www.google.com www.gstatic.com *.hotjar.com googleads.g.doubleclick.net cdn.jsdelivr.net static.inteliwise.com *.amazonaws.com www.instagram.com snap.licdn.com m.addtoany.com; font-src 'self' *.livechatinc.com fonts.gstatic.com; connect-src 'self' *.addthis.com stats.addtoany.com nominatim.openstreetmap.org www.google-analytics.com ww- strict-transport-security
max-age=31536000; includeSubDomains