tomice.pl
tomice.pl
HTML metadata
Technology
- Server
- LiteSpeed
- CMS
- WordPress
- jQuery
- 3.7.1
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (3)
- cdn-cookieyes.com×1
- powietrze.malopolska.pl×1
- www.googletagmanager.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- ns1.cyberfolks.pl
- ns2.cyberfolks.pl
- ns3.cyberfolks.pl
- MX
-
- 10 mx-1.dpoczta.pl
- 10 mx-2.dpoczta.pl
- TXT
-
Show 4 TXT records
mojecertpl-site-verification-pyoSByc9eLpNXx4Svs5UxSuELuYBKPE6pyoSByc9eLpNXx4Svs5UxSuELuYBKPE6b95f8a783868bebedcb5ad974bce1082bd271fb91b2da0f8fa473ca0d4dda3618245948d1eeab3411015345b6ac6eaa91e2ae0d774d8db60a6a80d47c66df9
Email authentication strong
- SPF
-
v=spf1 a include:_mail.dhosting.pl -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; sp=reject; rua=mailto:dmarc-raports@tomice.pl; adkim=s; aspf=s;policy: reject (enforced) · sp=reject - DKIM
- no key found at common selectors
Certificate (current)
E7
Expires in 29 days
HTTP security headers
- present
-
- content-security-policy
- x-content-type-options
- referrer-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn-cookieyes.com https://cdn.hu-manity.co https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://cdn-cookieyes.com https://fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://powietrze.malopolska.pl https://www.googletagmanager.com; connect-src 'self' https://cdn-cookieyes.com https://*.cookieyes.com https://*.hu-manity.co; object-src 'none'; base-uri 'self'; form-action 'self'