granat.cz

HTML metadata

Technology

CDN

Cloudflare

CMS

Joomla

jQuery

1.11.3 known XSS (<3.5)

Stack

PHP

Analytics

• Google Tag Manager

Ads

• Meta Pixel

Third-party hosts loaded (6)

• cdn.myshoptet.com×5
• www.googletagmanager.com×2
• connect.facebook.net×1
• shoptet.gopaycdn.com×1
• shoptet.platimpak.cz×1
• www.facebook.com×1

Social

• facebook
• instagram

Contact

Phone

• +420737206190
• +420481357216
• +420481357257
• +420481357315

DNS records live

NS

• garret.ns.cloudflare.com
• wally.ns.cloudflare.com

MX

• 1 relay.zoner.com
• 10 10mx.zoner.com
• 15 15mx.zoner.com

Verified for

• Google
• Microsoft 365

Email authentication partial

SPF

v=spf1 a ip4:81.0.233.6/32 include:spf.protection.outlook.com ip6:2a07:58c0:0:10::1 ip4:185.147.250.10 a:mail.pamico-czech.cz include:spf.smartemailing.cz include:spf.majorshop.cz include:_spf.myshoptet.com include:spf-zoner-zmail.zoner.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:6dac67be5c3747ac857a098cec964fc7@dmarc-reports.cloudflare.net,mailto:dmarc+665135@smartemailing.cz; fo=1

policy: none (monitoring only)

DKIM

• selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dO4AfFQvRVJdlgI5h6QLhuYSZhmjE/3S6Gjz+j3jhgPtYxhXQ3+I8dVzWSZx+l/wmqA/03UJJTxmM…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.granat.cz/

present

• x-frame-options
• x-content-type-options

findings

• missing HSTS
• missing Content Security Policy
• weak frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (10)

• turnov.cz×1
• shoptetpremium.cz×1
• regionalniprodukt.cz×1
• puncovniurad.cz×1
• mcgp.cz×1
• kraj-lbc.cz×1
• instagram.com×1
• google.com×1
• facebook.com×1
• expo-granat.com×1

Linked from (3)

• antecom.cz×1
• wcup2018.cz×1
• taste.cz×1