hasman-klima.cz
hasman-klima.cz
HTML metadata
Technology
- Server
- Apache
- CMS
- Gatsby
- jQuery
- 3.3.1 known XSS (<3.5)
- Cookie consent
-
- Cookiebot
Third-party hosts loaded (3)
- code.jquery.com×1
- consent.cookiebot.com×1
- stackpath.bootstrapcdn.com×1
DNS records live
- NS
-
- ns.wedos.com
- ns.wedos.cz
- ns.wedos.eu
- ns.wedos.net
- MX
-
- 10 4ead31affb708437.mx2.emailprofi.seznam.cz
- 20 4ead31affb708437.mx1.emailprofi.seznam.cz
Email authentication weak
- SPF
-
v=spf1 include:spf.seznam.cz ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 64 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- missing Permissions Policy
Header values
- referrer-policy
no-referrer- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
upgrade-insecure-requests; form-action 'self'; object-src 'none'; frame-src https://consentcdn.cookiebot.com/ https://www.google.com/ https://www.youtube.com/ https://player.vimeo.com/ https://www.facebook.com/ https://staticxx.facebook.com/; style-src 'self' 'unsafe-inline' https://use.typekit.net https://p.typekit.net https://fonts.googleapis.com https://use.fontawesome.com/releases/v5.7.0/css/all.css https://cdn.jsdelivr.net/npm/cookie-bar/themes/cookiebar.min.css; font-src 'self' https://use.typekit.net https://fonts.gstatic.com https://use.fontawesome.com/releases/v5.7.0/webfonts/ data:;; img-src 'self' https://imgsct.cookiebot.com/ https://cdn.jsdelivr.net/ https://dummyimage.com/ https://via.placeholder.com https://www.google-analytics.com/ https://maps.googleapis.com/ https://maps.gstatic.com/ https://csi.gstatic.com/ https://mdbootstrap.com/img/Photos/Others/nature7.jpg https://mdbootstrap.com/img/Marketing/mdb-press-pack/mdb-main.jpg data:;; connect-src https://vimeo.com http