pepco.hr
Total score
0.50
/ 1.00
Web hosting
0.0Non-EU-controlled provider (US, CLOUDFLARENET)
- Hostname
- pepco.hr
- IP address
- 23.227.38.65
- Country
- US-controlled (IP in Canada — provider HQ is US, outside the EU)
- ASN
- CLOUDFLARENET
- Server software
- cloudflare (CDN: Cloudflare)
Show raw HTTP headers ↓
Date: Thu, 04 Jun 2026 16:34:40 GMT
Content-Type: text/html
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding, Accept-Language, Cookie
Content-Security-Policy: base-uri 'self'; default-src 'self' https://cdn.media.amplience.net https://cdn.static.amplience.net https://pepdemo01.a.bigcontent.io/ https://*.myshopify.com https://app.amplience.net https://*.staging.bigcontent.io https://*.google-analytics.com https://analytics.google.com 'self' 'nonce-db31889e46d0be5b36ea7a8a4777c718' https://cdn.shopify.com https://shopify.com; frame-ancestors 'self' https://app.amplience.net https://*.myshopify.com https://admin.shopify.com https://tagmanager.google.com https://*.google.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maps.gstatic.com https://cdn.shopify.com https://cdn.shopifycdn.com https://www.googletagmanager.com https://*.googletagmanager.com https://*.google-analytics.com https://analytics.google.com https://cookie-cdn.1trust.app https://cdn.cookielaw.org https://*.onetrust.com 'self' 'unsafe-inline' https://cdn.shopify.com; connect-src 'self' https://api.digi.pepco.eu https://maps.googleapis.com https://maps.gstatic.com https://*.googleapis.com https://*.gstatic.com ws://localhost:* ws://127.0.0.1:* ws://*.tryhydrogen.dev:* https://*.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://www.googletagmanager.com https://*.googletagmanager.com https://*.google.com https://*.google.co.in https://*.google.co.uk https://*.google.de https://*.google.pl https://*.google.cz https://*.google.hu https://*.google.ro https://*.google.hr https://*.google.sk https://*.google.si https://*.google.es https://*.google.it https://*.google.at https://*.google.lt https://*.doubleclick.net https://googleads.g.doubleclick.net https://*.googlesyndication.com https://*.googleadservices.com https://cookie-cdn.1trust.app https://cdn.cookielaw.org https://geolocation.onetrust.com https://*.onetrust.com https://onetrust.com https://www.google.com https://www.gstatic.com https://*.firebaseapp.com https://identitytoolkit.googleapis.com https://securetoken.googleapis.com https://*.amplience.net https://api.synerise.com https://*.app.pepco.eu https://*.mediarithmics.com https://*.adnxs.com 'self' https://cdn.shopify.com/ https://monorail-edge.shopifysvc.com https://pepco-prod-1.myshopify.com https://pepco-prod-1.myshopify.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' blob: data: https://maps.googleapis.com https://maps.gstatic.com https://cdn.shopify.com https://cdn.shopifycdn.com https://cookie-cdn.1trust.app https://*.googletagmanager.com https://*.google-analytics.com https://analytics.google.com https://cdn.cookielaw.org https://optanon.blob.core.windows.net https://*.staging.bigcontent.io https://*.onetrust.com https://onetrust.com https://www.google.com https://www.gstatic.com https://*.firebaseapp.com https://*.googleapis.com https://apis.google.com/ https://*.mediarithmics.com https://cm.g.doubleclick.net https://ib.adnxs.com 'nonce-db31889e46d0be5b36ea7a8a4777c718'; script-src-elem 'self' 'unsafe-inline' blob: data: https://maps.googleapis.com https://maps.gstatic.com https://cdn.shopify.com https://cdn.shopifycdn.com https://cookie-cdn.1trust.app https://*.googletagmanager.com https://*.google-analytics.com https://analytics.google.com https://cdn.cookielaw.org https://optanon.blob.core.windows.net https://*.staging.bigcontent.io https://*.onetrust.com https://onetrust.com https://www.google.com https://www.gstatic.com https://*.firebaseapp.com https://*.googleapis.com https://apis.google.com/ https://*.mediarithmics.com https://cm.g.doubleclick.net https://ib.adnxs.com; img-src 'self' data: blob: https://*.googleapis.com https://*.gstatic.com https://*.googleusercontent.com https://*.ggpht.com https://cdn.media.amplience.net https://cdn.static.amplience.net https://pepdemo01.a.bigcontent.io https://cdn.shopify.com https://cdn.shopifycdn.com https://*.staging.bigcontent.io https://*.google-analytics.com https://analytics.google.com https://www.googletagmanager.com https://*.googletagmanager.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://*.googlesyndication.com https://*.google.com https://*.google.co.in https://*.google.co.uk https://*.google.de https://*.google.pl https://*.google.cz https://*.google.hu https://*.google.ro https://*.google.hr https://*.google.sk https://*.google.si https://*.google.es https://*.google.it https://*.google.at https://*.google.lt https://*.googleadservices.com https://cookie-cdn.1trust.app https://cdn.cookielaw.org https://*.onetrust.com; font-src 'self' https://fonts.gstatic.com https://cdn.shopify.com https://cdn.shopifycdn.com https://fonts.shopifycdn.com https://cdn.cookielaw.org https://*.onetrust.com data:; worker-src 'self' blob:; frame-src 'self' blob: data: about: https://www.google.com https://www.gstatic.com https://*.firebaseapp.com https://www.youtube.com https://player.vimeo.com https://www.googletagmanager.com https://*.googletagmanager.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://*.onetrust.com https://onetrust.com https://cdn.cookielaw.org https://cookie-cdn.1trust.app; child-src 'self' blob: data: about: https://*.onetrust.com https://cdn.cookielaw.org
Permissions-Policy: camera=(), microphone=(), usb=(), bluetooth=(), payment=(), autoplay=(), clipboard-read=(), clipboard-write=(), fullscreen=(self)
X-Permitted-Cross-Domain-Policies: none
oxygen-full-page-cache: uncacheable
powered-by: Shopify, Oxygen, Hydrogen
x-request-id: dbab50c6-90c2-4e9f-832a-24f2c582387e-1780590880
X-Download-Options: noopen
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ygaZioI9fdAIQARIexBPYYt5hfM1jD6WAdcL4yvjbux6S1ay35Q92686GDUYRUJgRCScS4O6bT07sDKJVkoy0GxuAR3wYhMGy4ezIByF8F8wpcbBMYkzHjk1"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: br
Server: cloudflare
CF-RAY: a06858a848f18dcb-HEL
alt-svc: h3=":443"; ma=86400
Verify independently
- Look up this IP on bgp.he.net (23.227.38.65) ↗
- Search this ASN on bgp.he.net ↗
- Run a DNS lookup on this host (pepco.hr) ↗
Last scanned:
Mail hosting
N/A (no MX record)
No mail server (MX) probed for this domain.
DNS
1.0DNS is managed by an EU provider (dns1.tld.pl)
- Primary nameserver
- dns1.tld.pl
- Country
- PL
- ASN
- Cyber_Folks S.A.
Verify independently
- Search this ASN on bgp.he.net ↗
- Run a DNS lookup on this host (dns1.tld.pl) ↗
- To verify yourself, run: dig +short dns1.tld.pl, then look up the IP on bgp.he.net.
Last scanned:
Score values: 1.0 = sovereign (EU-hosted, EU provider). 0.0 = non-sovereign (outside the EU, or on a non-EU-controlled provider — US, UK, etc. — regardless of where the datacenter sits). N/A = the sub-score couldn't be measured (no MX record, unresolvable host, etc.) and is excluded from the total.