aquapalace.cz
aquapalace.cz
HTML metadata
Technology
- Server
- nginx
- CMS
- Gatsby
- jQuery
- 2.2.4 known XSS (<3.5)
- Fonts
-
- Google Fonts
Third-party hosts loaded (1)
- fonts.googleapis.com×1
Social
Contact
- Phone
Registration
- Registrar
- REG-WEBGLOBE
- Created
- 2007-08-08
- Expires
- 2026-08-07 67 days left
- Updated
- 2022-11-19
- Name servers
-
- ns1.ignum.com
- ns2.ignum.cz
DNS records live
- NS
-
- ns1.ignum.com
- ns2.ignum.cz
- MX
-
- 0 aquapalace-cz.mail.protection.outlook.com
- Verified for
-
- Atlassian
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 ip4:195.39.114.208/28 mx ptr:aquapalace.cz include:spf.protection.outlook.com include:mailgun.org ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none; fo=1policy: none (monitoring only) - DKIM
-
- s1:
k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDL79zHw5DFWTZl3DasnhgmoSY3kTXld7LWbyFSDNKEsGA/eKpM7vwxX/AwIis7X//2GUvhbh5kqThFWeGztZUxkjD3sAg…
selectors probed - s1:
Certificate (current)
R13
Expires in 81 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
origin-when-cross-origin- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy
script-src 'unsafe-inline' *.posazavi.com analytics.tiktok.com *.adform.net *.hcaptcha.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval' connect.facebook.net c.imedia.cz *.hotjar.com tagmanager.google.com www.google.com www.gstatic.com c.seznam.cz ct.leady.com *.chatbase.co; style-src 'self' 'unsafe-inline' *.googletagmanager.com tagmanager.google.com cdnjs.cloudflare.com fonts.googleapis.com; report-uri /csp- strict-transport-security
max-age=31536000