genus.cz

HTML metadata

Title: Nejvíce on-line informací z Liberce a Libereckého kraje | Genus
Description: Genus - Nejvíce on-line informací z Liberce a Libereckého kraje
Language: cs

Technology

Server: nginx
Stack: PHP

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Registration

Registrar

REG-INTERNET-CZ

Created

1999-03-11

Expires

2028-10-09 861 days left

Updated

2019-09-11

Name servers

ns.forpsi.cz
ns.forpsi.it
ns.forpsi.net

DNS records live

NS

ns.forpsi.cz
ns.forpsi.it
ns.forpsi.net

MX

10 mail.genusplus.cz

Email authentication weak

SPF

v=spf1 a mx a: ~all

softfail (~all)

DMARC

not published

DKIM

mail: v=DKIM1;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51JSAB3EagTIkFr3F0NWvsX041XIlkhVpkNeWtPRZfe5IA8m83MRyyTeAB1mhib8O4lFs1J4xovA4Ne0pS4IMM…

selectors probed

Certificate (current)

E8

from 2026-05-14 to 2026-08-12

Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://genus.cz/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
weak frame protection
weak content type protection

Header values

referrer-policy: no-referrer-when-downgrade, strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN, SAMEORIGIN
permissions-policy: geolocation=(), microphone=(), camera=()
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' https://*.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/ https://*.google.com/ https://*.youtube.com/ https://*.gstatic.com/ https://*.cloudflare.com/ https://*.bootstrapcdn.com/ https://*.klicenka.uvm.cz/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.googletagservices.com/ https://*.google.cz/ https://*.mapy.cz/ https://connect.facebook.net/ https://*.facebook.com/ https://cdn.jsdelivr.net/ https://placehold.co/ https://*.abalin.net/ https://*.ampproject.org/ ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.googleapis.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/ https://*.google.com/ https://*.youtube.com/ https://*.gstatic.com/ https://*.cloudflare.com/ https://*.bootstrapcdn.com/ https://*.klicenka.uvm.cz/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.googletagservices.com/ https://*.google.cz/ https://*.mapy.cz/ https://connect.facebook.net/
strict-transport-security: max-age=2592000; includeSubDomains, max-age=63072000; includeSubDomains; preload