bimfo.cz

HTML metadata

Technology

jQuery

3.4.1 known XSS (<3.5)

Stack

ASP.NET

Fonts

• Google Fonts

Third-party hosts loaded (1)

• fonts.googleapis.com×1

Social

• facebook
• twitter
• youtube
• linkedin

Contact

Phone

• +420 910 970 111

Registration

Registrar

REG-WEBGLOBE

Created

2015-08-10

Expires

2026-08-09 69 days left

Updated

2022-12-26

Name servers

• ns1.ignum.com
• ns2.ignum.cz

DNS records live

NS

• ns1.ignum.com
• ns2.ignum.cz

MX

• 10 email.webglobe.cz
• 10 email2.webglobe.cz
• 10 email3.webglobe.cz
• 10 email4.webglobe.cz

TXT

Show 7 TXT records

• "14vttf8dk8xx0n3kpy7rb2m3hcp6ppk5"
• 14vttf8dk8xx0n3kpy7rb2m3hcp6ppk5
• _9i2rqu6d17qtwbtumt674eoo08h4a9h
• _kyalmndvu64yh0ak1mtxw6mhtrqig83
• dcbxc1wd5nb5kt3hvq35w5yn0zslw216
• hz3vn1mnt5k93rt9fs6xq2trr751mxbx
• kwky5lgpk2r7wcf0v3dg3dzm8d0m3kvy

Verified for

• Google

Email authentication weak

SPF

v=spf1 mx ip4:92.62.124.119 ip4:172.31.2.67 ip4:31.31.76.110 -all

strict (-all)

DMARC

not published

DKIM

• default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuryQ2hAVkIEmZ60LZIkmevyGMLf5Ei+Pjis2CLq+0/p5zKo16nq+dzILIxjHXfDYNb+MQ9AogsH4cc…

selectors probed

Certificate (current) wrong cert

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.bimfo.cz/Home.aspx

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy

findings

• CSP allows unsafe inline scripts/styles
• missing Permissions Policy

Links to (4)

• facebook.com×1
• linkedin.com×1
• twitter.com×1
• youtube.com×1

Linked from (6)

• nazdi.cz×1
• civil3d.cz×1
• gisforum.cz×1
• floridashine.org×1
• cadforum.cz×1
• msfocus.org×1