medistore.com.pl — domain check, WHOIS, DNS & reputation

HTML metadata

Title

Medyczny marketplace: kup badania i produkty medyczne online | Medistore

Description

Medistore to wszystko dla Twojego zdrowia. Pakiety medyczne, konsultacje lekarskie i ponad 1800 badań i usług w jednym miejscu. Skorzystaj już teraz!

Language

pl-PL

Canonical

https://www.medistore.com.pl

Translations

en
pl

Open Graph

url: https://www.medistore.com.pl
title: Medistore
locale: pl_PL
site name: Medistore
description: Medistore to wszystko dla Twojego zdrowia. Pakiety medyczne, konsultacje lekarskie i ponad 1800 badań i usług w jednym miejscu. Skorzystaj już teraz!
locale:alternate: en_PL

Technology

Server: nginx
CMS: Nuxt

Third-party hosts loaded (1)

flagcdn.com×3

Social

Contact

Phone

500900550

Address

Aleje Jerozolimskie 96, 00-807, Warszawa, PL

DNS records live

NS

dns1.cscdns.net
dns2.cscdns.net

MX

10 mx.emea.email.fireeyecloud.com

Verified for

Ahrefs
GlobalSign
Google
Microsoft 365

Email authentication partial

SPF

v=spf1 include:_spf.medicover.com include:spf.protection.outlook.com include:_spf.fireeyecloud.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc_reports@medicover.pl; pct=100; adkim=r; aspf=r;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqnoQE2E3+FsOM0fA2fhP1vhAfl9lwUFl/Cg9s6Zk05YcuY/64YqEXwWkMg1CMcEK5iePx6cjnxmgj…

selectors probed

Certificate (current)

Corporation Service Company RSA OV SSL CA

from 2025-08-19 to 2026-08-20

Expires in 80 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.medistore.com.pl/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
permissions-policy: camera=(), display-capture=(), fullscreen=(*), geolocation=(self), microphone=(), encrypted-media=(*), autoplay=(*)
x-content-type-options: nosniff
content-security-policy: base-uri 'none'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; img-src 'self' data: https: blob:; object-src 'none'; script-src-attr 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.consentmanager.net https://*.conpeek.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://*.adform.net https://*.analytics.google.com https://*.clarity.ms https://*.conpeek.com https://*.consentmanager.net https://*.google-analytics.com https://*.google.com https://*.googleadservices.com https://*.googletagservices.com https://*.googlevideo.com https://*.gstatic.com https://*.ip-api.com https://*.przelewy24.pl https://*.redditstatic.com https://*.salesmanago.pl https://*.youtube.com https://ad.doubleclick.net https://adservice.google.com https://adservice.google.pl https://analytics.tiktok.com https://bat.bing.com https://bat.bing.net https://cdn.consentmanager.net https://cdn.tmtarget.com https://connect.facebook.net/ https://google
strict-transport-security: max-age=15552000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin

Links to (3)

Linked from (2)

wellfitness.pl×1
medicover.pl×1