indexo.dev

farnostrepy.cz

.cz crawl

First seen 2026-05-31 · Last seen 2026-05-31 · ok HTTP/1.1 200 748 ms crawled 2026-06-01

DE · 49.13.40.93 · AS24940 Hetzner Online GmbH

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Římskokatolická farnost u kostela sv. Martina Praha-Řepy

Technology

Server
nginx
jQuery
1.11.0 known XSS (<3.5)
Stack
PHP
Fonts
  • Font Awesome
  • Google Fonts
Third-party hosts loaded (9)
  • www.agendafarnosti.cz×14
  • agendafarnosti.cz×9
  • o2.agendafarnosti.cz×7
  • fonts.googleapis.com×2
  • use.fontawesome.com×2
  • cirkevnistatistiky.cz×1
  • forms.agendafarnosti.cz×1
  • praha.donator.cz×1
  • translate.google.com×1

Social

Contact

Phone

DNS records live

NS
  • ns1.websupport.sk
  • ns2.websupport.sk
  • ns3.websupport.sk
MX
  • 10 mailin2.farnostrepy.cz
  • 100 mailin1.farnostrepy.cz
TXT
  • spf2.0/pra a mx include:_sid.m1.websupport.sk ?all

Email authentication weak

SPF
v=spf1 a mx include:_spf.m1.websupport.sk ?all
neutral (?all)
DMARC
not published
DKIM
  • mail: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1euJUQTjIVnv68ekrfFutEm5MC2JpB/oMh7MCpIKRuzgDgxVo+TUGbSBHlC1nlQToDD+JWQY1f12O8…
selectors probed

Certificate (current)

E8
from 2026-04-26 to 2026-07-25
Expires in 53 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://farnostrepy.cz/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
Header values
permissions-policy
unload=(self "https://www.facebook.com" "https://web.facebook.com" "https://staticxx.facebook.com" "https://static.xx.fbcdn.net")
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://booking.previo.app https://*.agendafarnosti.cz https://*.agendafarnosti.sk https://*.gemeindeagenda.at https://donator.cz https://*.fontawesome.com https://cirkevnistatistiky.cz https://js.stripe.com https://*.vaticannews.va https://*.jsdelivr.net https://*.cloudflare.com https://*.google.com https://*.googletagmanager.com https://*.google-analytics.com https://*.googleapis.com https://*.facebook.net https://*.facebook.com https://*.cloudflareinsights.com; frame-ancestors 'self' https://*.agendafarnosti.cz https://agendafarnosti.cz https://*.agendafarnosti.sk https://agendafarnosti.sk https://*.gemeindeagenda.at https://gemeindeagenda.at https://cirkevnistatistiky.cz;
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31536000
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin

Links to (7)

Linked from (1)