indexo.dev

muzeumpragi.pl

.pl crawl

First seen 2026-05-21 · Last seen 2026-05-21 · ok HTTP/1.1 200 1449 ms crawled 2026-05-27

PL · 89.161.253.167 · AS12824 home.pl sp. z o.o.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Muzeum Warszawskiej Pragi | oddział Muzeum Warszawy
Description
Muzeum Warszawy
Language
pl
Generator
WPML ver:4.9.2.1 stt:1,41;
Canonical
https://muzeumpragi.pl/
Translations
  • en
  • pl

Open Graph

url
https://muzeumpragi.pl/
title
Odwiedź serwis www Muzeum Warszawskiej Pragi
locale
pl_PL
site name
Muzeum Warszawskiej Pragi
description
Współtworzone przez mieszkańców prawobrzeżnej Warszawy, angażujące lokalne środowisko, wychodzące z działaniami poza swoje mury – Muzeum Warszawskiej Pragi.

Technology

Server
Apache
CMS
WordPress
jQuery
2.2.4 known XSS (<3.5)
Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • muzeumwarszawy.pl×3
  • code.jquery.com×2
  • www.googletagmanager.com×2
  • www.fyrebox.com×1

Social

Contact

Phone

DNS records live

NS
  • dns.home.pl
  • dns2.home.pl
  • dns3.home.pl
MX
  • 10 muzeumpragi.pl
Verified for
  • Google

Email authentication weak

SPF
v=spf1 ip4:89.161.253.167 a mx -all
strict (-all)
DMARC
not published
DKIM
  • dkim: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2k/eskSOOx6M3O53X92WqsrLBwVrh0N/3w1G6z+FhJyDwQCYXV/zgd1tl4K1i2VuR+vjnBQ2lr2aTg…
selectors probed

Certificate (current)

home pl DV TLS G2 R35 CA
from 2025-11-05 to 2026-12-05
Expires in 187 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://muzeumpragi.pl/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(), microphone=(), camera=(), payment=(), usb=(), fullscreen=(self), autoplay=(self), private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")
x-content-type-options
nosniff
content-security-policy
default-src 'self' https:; script-src 'self' 'unsafe-inline' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' https: wss:; frame-src 'self' https:; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'
strict-transport-security
max-age=31536000; includeSubDomains

Links to (7)

Linked from (1)