hbh.cz
HTML metadata
Technology
- Server
- nginx
- CMS
- Joomla
- Analytics
-
- Google Tag Manager
- Ads
-
- Meta Pixel
- Fonts
-
- Google Fonts
Third-party hosts loaded (5)
- cdnjs.cloudflare.com×1
- connect.facebook.net×1
- fonts.googleapis.com×1
- maxcdn.bootstrapcdn.com×1
- www.googletagmanager.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- ns.forpsi.cz
- ns.forpsi.it
- ns.forpsi.net
- MX
-
- 20 barracuda.hbh.cz
- 30 hbh-cz.mail.protection.outlook.com
- TXT
-
https://login.microsoftonline.com/1a1414af-cd73-490e-8e0b-9488b489e0fe/federationmetadata/2007-06/federationmetadata.xml?appid=959f393b-50cf-43bb-af52-85824c0ea781
- Verified for
-
- Microsoft 365
- OpenAI
Email authentication weak
- SPF
-
v=spf1 ip4:81.19.11.120/29 ip4:193.85.239.92 ip4:85.132.183.57 include:spf.protection.outlook.com -allstrict (-all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 59 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://www.google.com https://www.google.cz https://*.googleapis.com https://*.gstatic.com https://*.typekit.net https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://*.cloudfront.net https://www.google-analytics.com https://www.googletagmanager.com https://www.googleadservices.com https://*.doubleclick.net https://www.youtube.com c.imedia.cz http://*.youtube.com https://heyzine.com https://*.cookiebot.eu https://*.google-analytics.com- strict-transport-security
max-age=31536000
Links to (6)
Linked from (4)
- sagittaria.cz×1
- tralys.cz×1
- iene2024.info×1
- nyvel.cz×1