indexo.dev

olsztyn.eu

.eu crawl dns

First seen 2026-05-22 · Last seen 2026-05-31 · ok HTTP/1.1 200 5003 ms crawled 2026-05-28

PL · 5.172.190.246 · AS207012 Gmina Olsztyn

Reputation 100/100

sector government type homepage

HTML metadata

Title
Serwis Urzędu Miasta Olsztyna: O Olsztynie
Language
pl-PL
Generator
TYPO3 CMS

Technology

Server
Apache
CMS
Joomla
jQuery
1.11.1 known XSS (<3.5)
Analytics
  • Google Tag Manager
Ads
  • Google AdSense

Third-party hosts loaded (4)

  • ajax.googleapis.com×1
  • maxcdn.bootstrapcdn.com×1
  • pagead2.googlesyndication.com×1
  • www.googletagmanager.com×1

Social

Contact

Email
Phone

DNS records live

NS
  • ns1.olsztyn.eu
  • ns2.olsztyn.eu
MX
  • 0 mailgw.olsztyn.eu
TXT
  • mojecertpl-site-verification-Zk0oi9RE7j9Pd68PHTWR7mvdt9EHljby
Verified for
  • Google

Email authentication strong

SPF
v=spf1 mx ip4:5.172.190.207 ip4:5.172.190.205 ip4:5.172.190.206 ip4:5.172.190.227 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1;p=quarantine;rua=mailto:dmarc@olsztyn.eu,mailto:eae1c48a84@rua.easydmarc.eu;ruf=mailto:dmarc@olsztyn.eu,mailto:eae1c48a84@ruf.easydmarc.eu;fo=1;
policy: quarantine
DKIM
no key found at common selectors

Certificate (current)

Certum DV TLS G2 R39 CA
from 2026-01-07 to 2027-01-07
Expires in 221 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://olsztyn.eu/o-olsztynie.html

present
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • weak content type protection
Header values
referrer-policy
strict-origin-when-cross-origin
permissions-policy
camera=(), microphone=(), geolocation=()
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://pagead2.googlesyndication.com https://ssl.google-analytics.com https://maxcdn.bootstrapcdn.com https://ajax.googleapis.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://pagead2.googlesyndication.com https://www.google-analytics.com https://www.googletagmanager.com data:; font-src 'self' https://fonts.gstatic.com data:; object-src 'none'; connect-src 'self' https://www.google.com https://*.google-analytics.com; frame-src 'self' https://pagead2.googlesyndication.com https://www.google.com blob:; worker-src 'self' blob:; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; manifest-src 'self';

Links to (14)

Linked from (4)