indexo.dev

ovb.pl

.pl crawl

First seen 2026-05-22 · Last seen 2026-05-31 · ok HTTP/1.1 200 7550 ms crawled 2026-05-28

DE · 192.109.14.226 · AS24861 SITS Deutschland GmbH

Reputation 100/100

Classifying

HTML metadata

Title
OVB Allfinanz Polska Spółka Finansowa Sp. z o.o.
Description
Niezależnie, czy chodzi o emeryturę, ochronę czy aktywa - w kwestiach finansowych jesteśmy zawsze do Twojej dyspozycji. Dowiedz się więcej!
Language
pl-PL
Generator
TYPO3 CMS
Canonical
https://www.ovb.pl/

Technology

Server
Apache
jQuery
1.10.2 known XSS (<3.5)

Social

Contact

Phone
Address
ul. Mierosławskiego 11A, 01-527, Warszawa, Warszawa, PL

DNS records live

NS
  • ns-1030.awsdns-00.org
  • ns-1567.awsdns-03.co.uk
  • ns-477.awsdns-59.com
  • ns-615.awsdns-12.net
TXT
Show 4 TXT records
  • zky2bp2bbhbng53pk2s6tv1647ffg8j8
  • 1r0bsr0mb7722x1bs96y2vdsybz7bb2n
  • fqf9jt59jq8nwddw9s4jzvwd9yk4klg7
  • gvz72qkdkp7l51bsqs1pv39c1rt5d9vr

Email authentication no MX

SPF
v=spf1 mx include:icw.ovb.email include:news.ovb.email -all
strict (-all)
DMARC
v=DMARC1; p=reject; pct=100; rua=mailto:dmarc@ovb-mail.eu; fo=1
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-05-25 to 2026-08-23
Expires in 82 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.ovb.pl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
sameorigin
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'nonce-4mQbQJiJuHpx6XPANgtAMYvlfz8_jgy8SKkG9zDvtNMggd6Efc11Vg' https://*.googleapis.com https://jawj.github.io https://cdn.jsdelivr.net 'sha256-3bzWVxQE32IZQKH9eh8KzyHuhXOlMrboDVVBRd0fWTU=' 'wasm-unsafe-eval' 'sha256-Uj/v88tG3kktFGTzlVxe8oOKd3rg17YwEeVwFtPNtvE=' 'sha256-Vgqioa4eqa7X+ICAn0emZgPMVaTSQjR21Ya4ttTcyjs=' 'sha256-jT5sGWQmoSPNyLNtSXFAaRSLGlWV8E1yUrcPfxQ6y2Q=' 'sha256-abPq+DkEHMZiz/7e0xgxn09M+2bNYLByVVJlqlWRMR8=' https://www.ovb.pl 'report-sample'; style-src-attr 'unsafe-inline' 'report-sample'; img-src 'self' data: *.ytimg.com *.vimeocdn.com https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com https://*.google-analytics.com https://*.googletagmanager.com; base-uri 'self'; frame-src 'self' *.youtube-nocookie.com *.youtube.com *.vimeo.com *.google.com *.frcapi.com https://*.googletagmanager.com; style-src-elem 'self' 'nonce-4mQbQJiJuHpx6XPANgtAMYvlfz8_jgy8SKkG9zDvtNMggd6Efc11Vg' https://fonts.gstatic.com https:
strict-transport-security
max-age=31536000; includeSubDomains

Links to (6)

Linked from (2)