indexo.dev

foreigners.cz

.cz crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 3905 ms crawled 2026-05-30

CZ · 89.248.240.25 · AS41670 hkfree.org z.s.

Reputation 100/100

Classifying

HTML metadata

Title
Feel at home in the Czech Republic | Foreigners.cz
Description
Foreigners.cz agency helps foreign/international students and expats in the Czech Republic to relocate and live here.
Language
en

Technology

Server
nginx
jQuery
1.8.3 known XSS (<3.5)
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts
Third-party hosts loaded (7)
  • app.smartemailing.cz×2
  • fonts.googleapis.com×1
  • maps.googleapis.com×1
  • mc.yandex.ru×1
  • www.facebook.com×1
  • www.google.com×1
  • www.googletagmanager.com×1

Social

Contact

Email

DNS records live

NS
  • 1.ns.gigaserver.cz
  • 2.ns.gigaserver.cz
  • 3.ns.gigaserver.cz
  • 4.ns.gigaserver.cz
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
Verified for
  • Google
  • Meta

Email authentication strong

SPF
v=spf1 mx a:www.foreigners.cz include:_spf.google.com include:sendgrid.net include:spf.smartemailing.cz -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:it-team@foreigners.cz; ruf=mailto:it-team@foreigners.cz; fo=1; adkim=s; aspf=s; pct=100
policy: quarantine
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01YMC8mpLFcnpgLOHwmMcvTRDQy6lgN5ZSH53Dm+WQXPYm1Rh31fcmuk6Q3BPL+/+u2OMETkBwXZaN…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa9ZJoqTLIbHvlrs4LLAm/Ou1ci6lORRMTmSRuJSPRN8j6EiqpkP+VxwzEiFQ/c1pRdmgnXjffsqWD8L+r…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7cdbL4t7yFx3vWKebDy3rP+5UzbHZ7JJEg7lPGYH0wnHcJuxZFCisXCEy4BWrfzOVx0oODghwfm8lUJc6C1Y/L/…
selectors probed

Certificate (current)

R13
from 2026-04-30 to 2026-07-29
Expires in 59 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.foreigners.cz/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • missing frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-content-type-options
nosniff
content-security-policy
default-src 'self' https: data: blob:; object-src 'none'; base-uri 'self'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; style-src 'self' https: 'unsafe-inline'; img-src 'self' https: data: blob:; font-src 'self' https: data:; connect-src 'self' https: wss:; frame-src 'self' https:;
strict-transport-security
max-age=31536000

Links to (10)

Linked from (1)