tzfpolfa.pl
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress
Third-party hosts loaded (1)
- cdn-cookieyes.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- ns1.domeny.host
- ns2.domeny.host
- MX
-
- 10 tzfpolfa.pl
- Verified for
-
Email authentication partial
- SPF
-
v=spf1 a mx include:spf.tld.pl -allstrict (-all) - DMARC
-
v=DMARC1; p=none; sp=nonepolicy: none (monitoring only) · sp=none - DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 37 days
HTTP security headers
- present
-
- content-security-policy
- findings
-
- missing HSTS
- CSP uses wildcard sources
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
default-src 'self'; base-uri 'self'; object-src 'none'; form-action 'self'; frame-ancestors 'self'; upgrade-insecure-requests; script-src 'self' 'nonce-JH+Ec95T75lSA41ONeB4LQ=='; script-src-elem 'self' 'nonce-JH+Ec95T75lSA41ONeB4LQ==' https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://ssl.google-analytics.com https://challenges.cloudflare.com https://cdn.cookieyes.com https://cdn-cookieyes.com https://*.cookieyes.com; script-src-attr 'none'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://region1.google-analytics.com https://tagmanager.google.com https://*.cookieyes.com https://cdn.cookieyes.com https://cdn-cookieyes.com https://challenges.cloudflare.com; img-src 'self' data: blob: https://www.google-analytics.com https://stats.g.doubleclick.net https://*.g.doubleclick.net https://*.cookieyes.com https://cdn.cookieyes.com https://cdn-cookieyes.com; frame-src https://challenges.cloudflare.co