nac.gov.pl

.pl dns crawl

First seen 2026-05-22 · Last seen 2026-05-30 · ok HTTP/1.1 200 5088 ms crawled 2026-05-28

US · 45.60.74.29 · AS19551 Incapsula Inc

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title

NAC | Narodowe Archiwum Cyfrowe

Language

pl-PL

Generator

WordPress 6.9.4

Translations

Feeds

Technology

Server: XXXXXX
CMS: WordPress 6.9.4
jQuery: 3.7.1
Stack: PHP

Fonts

Google Fonts

Third-party hosts loaded (4)

fonts.googleapis.com×3
ajax.googleapis.com×2
gmpg.org×1
www.facebook.com×1

Social

Contact

Phone

2025-12-11 12

DNS records live

NS

ns1.nac.gov.pl
ns2.nac.gov.pl

MX

10 mx.nac.gov.pl

TXT

mojecertpl-site-verification-nzwK8Fmj05bN9yy6FgvAfnlQ1rIe2XWd

Verified for

Atlassian
GlobalSign
Google

Email authentication partial

SPF

v=spf1 mx include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc@nac.gov.pl; ruf=mailto:dmarc@nac.gov.pl; sp=none; fo=1;

policy: none (monitoring only) · sp=none

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVjLxPtQkSoM9Uq3YwqQbDEQsHu9InoWZPjBoE3iqTJ7BxmggxmJwZ6p5nmrBN20y1y1gLi8k8FGDpu2v7xQ…

selectors probed

Certificate (current)

GlobalSign Atlas R3 DV TLS CA 2026 Q1

from 2026-03-09 to 2026-06-07

Expires in 7 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.nac.gov.pl/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Permissions Policy

Header values

referrer-policy: origin
x-content-type-options: nosniff
content-security-policy: default-src www.nac.gov.pl ajax.googleapis.com fonts.googleapis.com *.gstatic.com www.facebook.com 'self'; script-src www.nac.gov.pl 'self' 'unsafe-inline'; style-src www.nac.gov.pl ajax.googleapis.com fonts.googleapis.com 'self' 'unsafe-inline'; img-src www.nac.gov.pl 'self' www.szukajwarchiwach.gov.pl: default-src fonts.gstatic.com www.google-analytics.com matomo.archiwa.gov.pl stats.g.doubleclick.net www.facebook.com 'self'; script-src ajax.googleapis.com www.google-analytics.com connect.facebook.net matomo.archiwa.gov.pl 'self' 'unsafe-inline' 'unsafe-eval'; style-src ajax.googleapis.com fonts.googleapis.com 'self' 'unsafe-inline'; img-src data: photos.szukajwarchiwach.gov.pl www.facebook.com www.google.com www.google.pl http://lublin.ap.gov.pl https://i0.wp.com 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload

Links to (10)

Linked from (2)

biogramy.pl×1
dzieje.pl×1