orneta.pl

.pl crawl

First seen 2026-05-31 · Last seen 2026-06-01 · ok HTTP/1.1 200 1951 ms crawled 2026-06-01

PL · 89.191.148.30 · AS12618 Politechnika Bydgoska im. Jana i Jedrzeja Sniadeckich

Reputation 94/100 dmarc monitor-only

sector government type landing page

HTML metadata

Title: Miasto i Gmina Orneta Oficjalny portal informacyjny
Language: pl

Open Graph

url: https://orneta.pl/
title: Miasto i Gmina Orneta
site name: Miasto i Gmina Orneta Oficjalny portal informacyjny

Technology

Server: nginx
Stack: PHP

Fonts

Google Fonts

Third-party hosts loaded (2)

cdn.jsdelivr.net×10
fonts.googleapis.com×1

Social

Contact

Email

umig@orneta.pl

Phone

DNS records live

NS

ns1.dhosting.pl
ns2.dhosting.pl

MX

10 mx-1.dpoczta.pl
10 mx-2.dpoczta.pl

TXT

MS=416AF3BA29F33F86D92B89E8D6747298F53D3648

Verified for

Google

Email authentication partial

SPF: v=spf1 include:_mail.dhosting.pl -all
strict (-all)
DMARC: v=DMARC1; p=none; sp=none; rua=mailto:dmarc-raports@dhosting.pl
policy: none (monitoring only) · sp=none
DKIM: no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2026-01-15 to 2027-01-16

Expires in 228 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://orneta.pl/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
missing frame protection

Header values

referrer-policy: origin-when-cross-origin
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), xr-spatial-tracking=(self)
x-content-type-options: nosniff
content-security-policy: worker-src 'self' 'unsafe-inline' blob:; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://www.youtube.com/ https://transmisja.esesja.pl/ https://esesja.tv/ https://docs.google.com/ https://www.facebook.com; ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com/ajax/libs/select2/ https://cdnjs.cloudflare.com/ajax/libs/jplayer/ https://uicdn.toast.com/tui-image-editor/ https://uicdn.toast.com/tui-color-picker/ https://use.fontawesome.com/ https://www.gstatic.com/charts/51/ https://unpkg.com/leaflet@1.6.0/ https://cdn.jsdelivr.net/npm/@fullcalendar/ https://cdn.jsdelivr.net/npm/leaflet@1.9.3/dist/leaflet.css ; style-src-attr 'self' 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://cdnjs.cloudflare.com/ajax/libs/select2/ https://cdnjs.cloudflare.com/ajax/libs/jplayer/ https://uicdn.toast.com/tui-image-editor/ https://uicdn.
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000

Links to (9)

Linked from (1)

punktyadresowe.pl×1