pcosa.com.pl
pcosa.com.pl
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Gatsby
- Stack
- PHP
- Fonts
-
- Google Fonts
Third-party hosts loaded (4)
- cdn.cookie-script.com×1
- fonts.googleapis.com×1
- fonts.gstatic.com×1
- www.youtube.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- randy.ns.cloudflare.com
- sneh.ns.cloudflare.com
- MX
-
- 10 mail.pcosa.com.pl
- TXT
-
ppe-c28f14ea3828431268cd9c1e6707279039411ce7MS=EAB94DD7D2E5983998215D7E3F5A7F42936DDAF6
- Verified for
-
- Apple
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 mx ip4:81.15.133.2 include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:dmarc@pcosa.com.pl; ruf=mailto:dmarc@pcosa.com.pl; sp=rejectpolicy: reject (enforced) · sp=reject - DKIM
- no key found at common selectors
Certificate (current)
WE1
Expires in 68 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.youtube.com https://region1.google-analytics.com/ https://skk.erecruiter.pl https://cdn.cookie-script.com/; object-src 'none'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://skk.erecruiter.pl; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://www.youtube.com https://www.google.com/; img-src 'self' data:- strict-transport-security
max-age=31536000; includeSubDomains; preload