tubiedronka.pl
tubiedronka.pl
HTML metadata
Technology
- jQuery
- 3.5.0
- Fonts
-
- Google Fonts
Third-party hosts loaded (2)
- static.biedronka.pl×115
- fonts.googleapis.com×1
DNS records live
- NS
-
- ns1.agnat.pl
- ns2.agnat.pl
- ns3.agnat.pl
- MX
-
- 0 mail01.jeronimo-martins.pl
- 1 mail02.jeronimo-martins.pl
Email authentication weak
- SPF
-
v=spf1 mx include:_spf.jmpolska.com -allstrict (-all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 71 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self' in.hotjar.com s3-eu-west-1.amazonaws.com s7g10.scene7.com static-jmpovh.hyperlab.pl maps.googleapis.com analytics.tiktok.com popups.landingi.com stats.landingi.com region1.google-analytics.com vc.hotjar.io lightboxes.landingi.com tagmanager.landingi.io app.push-ad.com www.google-analytics.com geolocation.onetrust.com stats.g.doubleclick.net api3.push-ad.com ct.pinterest.com app2.push-api.pl track.push-ad.com cdn.cookielaw.org static.biedronka.local static-wwwbiedronkapl-dev-php56.hyperlab.pl static.biedronka.pl pagead2.googlesyndication.com www.google.com googleads.g.doubleclick.net tr.snapchat.com dmp.push-api.pl ams.creativecdn.com jmp-privacy.my.onetrust.com cdn.jsdelivr.net tr6.snapchat.com *.crazyegg.com cdn.biedronka.cloud; script-src 'self' data: http: https: 'unsafe-inline' 'unsafe-eval' s7g10.scene7.com cdn-jmpovh.hyperlab.pl static-jmpovh.hyperlab.pl maps.googleapis.com code.jquery.com www.youtube.com lf16-tiktok-web.t- strict-transport-security
max-age=31536000; includeSubDomains