indexo.dev

aktywnigospodarczo.pl

.pl crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 421 ms crawled 2026-05-30

PL · 185.38.248.156 · AS197226 sprint S.A.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Inwestycje Powiatu Tomaszowskiego oraz Miasta Tomaszowa Mazowieckiego
Language
pl

Technology

Server
Apache
jQuery
3.2.1 known XSS (<3.5)
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (4)

  • fonts.googleapis.com×1
  • maps.googleapis.com×1
  • translate.google.com×1
  • www.googletagmanager.com×1

Contact

Phone

DNS records live

NS
  • dns.home.pl
  • dns2.home.pl
  • dns3.home.pl
MX
  • 10 tomaszow-maz.home.pl

Email authentication weak

SPF
v=spf1 mx a ptr ~all
softfail (~all)
DMARC
not published
DKIM
  • dkim: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2t7mPEUVR1HnQarF2lbAmyxZjmgF8JRwB0sTX38vt+Or12uR6eOskjofeR2FyTp23HIcwM+irDBE+K…
selectors probed

Certificate (current)

LH.pl CA
from 2026-01-16 to 2027-01-16
Expires in 229 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://aktywnigospodarczo.pl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing content type protection
  • missing Permissions Policy
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' https://translate-pa.googleapis.com https://www.gstatic.com https://translate.googleapis.com https://translate.google.com https://www.googletagmanager.com https://www.google-analytics.com; object-src 'none'; frame-src https://aktywnigospodarczo.pl https://maps.googleapis.com https://www.google.com; img-src 'self' https://*.openstreetmap.org https://emapa.katowice.eu https://fonts.gstatic.com https://www.gstatic.com https://translate.googleapis.com https://translate.google.com https://maps.googleapis.com https://www.google.com https://www.google-analytics.com data:; style-src 'self' 'unsafe-inline' https://translate-pa.googleapis.com https://www.gstatic.com https://translate.googleapis.com https://translate.google.com https://www.googletagmanager.com https://www.google-analytics.com https://fonts.googleapis.com ; connect-src 'self' https://region1.google-analytics.com https://translate.googleapis.com https://translate-
strict-transport-security
max-age=63072000; includeSubDomains

Links to (3)

Linked from (1)