polfirms.pl
HTML metadata
Technology
- Server
- Apache
- jQuery
- 1.7.1 known XSS (<3.5)
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (4)
- polfirms.com×2
- ajax.googleapis.com×1
- aktru.eu×1
- www.googletagmanager.com×1
Contact
- Phone
- Address
- ul. Gdowska 22A, 32-020, Wieliczka, PL
DNS records live
- NS
-
- dns.smarthost.pl
- dns2.smarthost.pl
- dns3.smarthost.pl
- MX
-
- 0 polfirms.pl
Email authentication partial
- SPF
-
v=spf1 ip4:91.211.220.59 ip4:91.211.220.144 +a +mx +ip4:91.211.220.45 ~allsoftfail (~all) - DMARC
-
v=DMARC1 ;p=nonepolicy: none (monitoring only) - DKIM
-
- default:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsKKmOGAxm2fAPwMr60GD3cSU/SB+YYqGqiWyDx4IXT7bUHSg6R1uRnE9P2/GJwJt9K/p0tcjvgt9u…
selectors probed - default:
Certificate (current)
cyber_Folks
Expires in 91 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- cross-origin-opener-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
geolocation=(), microphone=(), camera=(), payment=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; img-src 'self' data: https:; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; font-src 'self' https: data:; connect-src 'self' https:; frame-src https:; object-src 'none'; base-uri 'self'; form-action 'self';- strict-transport-security
max-age=31536000; includeSubDomains; preload- cross-origin-opener-policy
same-origin- cross-origin-resource-policy
same-origin
Links to (6)
- polturizm.pl×1
- polfirms.de×1
- pol-agro.pl×1
- kompass.com×1
- aktru.pl×1
- aktru.eu×1
Linked from (9)
- polfirms.de×1
- polfirms.dk×1
- polfirms.at×1
- polfirms.se×1
- polfirms.fi×1
- aktru.pl×1
- polfirms.eu×1
- weldon.eu×1
- stahlbau-weldon.de×1