indexo.dev

spar.pl

.pl crawl

First seen 2026-05-27 · Last seen 2026-06-01 · ok HTTP/1.1 200 465 ms crawled 2026-05-30

US · 192.124.249.11 · AS30148 Sucuri

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
SPAR – świeżość i wybór gwarantowane
Description
SPAR - świeżość i wybór gwarantowane
Language
pl-PL
Canonical
https://spar.pl/

Technology

Server
Sucuri
CMS
WordPress
jQuery
3.7.0
Analytics
  • Google Tag Manager
Fonts
  • Font Awesome

Third-party hosts loaded (5)

  • use.fontawesome.com×4
  • code.jquery.com×3
  • www.google.com×2
  • www.googletagmanager.com×2
  • www.facebook.com×1

Social

Contact

Phone

DNS records live

NS
  • ns1.nazwa.pl
  • ns2.nazwa.pl
  • ns3.nazwa.pl
MX
  • 0 spar-pl.mail.protection.outlook.com
TXT
Show 5 TXT records
  • 3540b5237594c0a076f69242e37f8a1e448a6d4db698048b985ca7f018dcfa1
  • _ue5onr45bnms25wewtd56saepyth200
  • knowbe4-site-verification=38a7a29f635e2263a8540f23a422d41c
  • _b2i1wk57x57kabvx9xixvq1nrhokoru
  • mojecertpl-site-verification-sCLfwGHuuCSFs9CRE7LoyPKSq483Cc9w
Verified for
  • Google
  • Microsoft 365

Email authentication weak

SPF
v=spf1 include:_spf.mlsend.com ip4:83.238.10.106 ip4:89.171.57.180 include:spf.protection.outlook.com -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Certum DV TLS G2 R39 CA
from 2025-12-05 to 2026-12-05
Expires in 186 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 50/100 Checked live page: https://spar.pl/

present
  • content-security-policy
  • referrer-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • missing frame protection
  • missing content type protection
  • missing Permissions Policy
Header values
referrer-policy
origin-when-cross-origin
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com/ https://connect.facebook.net/ https://script.hotjar.com/ https://static.hotjar.com/ https://www.google-analytics.com/analytics.js https://www.google.com/recaptcha/api.js https://www.googletagmanager.com/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/ https://maps.google.com/ https://unpkg.com/@google/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.fontawesome.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://places.googleapis.com/$rpc/google.maps.places.v1.Places/GetPlace https://places.googleapis.com/$rpc/google.maps.places.v1.Places/AutocompletePlaces https://region1.google-analytics.com https://www.google-analytics.com https://maps.googleapis.com/ wss://ws.hotjar.com/ https://content.hotjar.io/ https://stats.g.doubleclick.net/ https://www.google.com/recaptcha/api2/; font-src 'self' data: https://fonts.gstatic.com https://use.font

Links to (5)

Linked from (3)