indexo.dev

jewishmuseum.cz

.cz crawl

First seen 2026-05-13 · Last seen 2026-05-19 · ok HTTP/1.1 200 2800 ms crawled 2026-05-19

CZ · 89.233.129.24 · AS13036 T-Mobile Czech Republic a.s.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Navštivte nás | Židovské muzeum v Praze
Description
Navštivte Židovské muzeum v Praze, a objevte tak historii, tradice a zvyky českých a moravských Židů.
Language
cs
Canonical
https://www.jewishmuseum.cz/
Feeds

Open Graph

title
Navštivte nás | Židovské muzeum v Praze

Technology

Server
Apache
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts
Third-party hosts loaded (7)
  • ajax.googleapis.com×2
  • fonts.googleapis.com×2
  • www.googletagmanager.com×2
  • c.seznam.cz×1
  • fonts.gstatic.com×1
  • www.facebook.com×1
  • www.kudyznudy.cz×1

Social

Registration

Registrar
REG-ACTIVE24
Created
1999-01-12
Expires
2026-10-04 136 days left
Updated
2025-05-29
Name servers
  • ns1.websupport.cz
  • ns2.websupport.cz
  • ns3.websupport.eu

DNS records live

NS
  • ns1.websupport.cz
  • ns2.websupport.cz
  • ns3.websupport.eu
MX
  • 0 jewishmuseum-cz.mail.protection.outlook.com
TXT
  • _2u74gg8we1tnukmgdseqto6uacf5yey
Verified for
  • Atlassian

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com include:spf.nux.cz ip4:212.24.128.3 ip4:212.20.106.128/25 include:spf.mandrillapp.com ip4:212.20.106.177 -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:dmarc@jewishmuseum.cz; fo=1
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-05-11 to 2026-08-09
Expires in 81 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.jewishmuseum.cz/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
sameorigin
permissions-policy
geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),payment=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' *; script-src * 'unsafe-inline' 'unsafe-eval' blob:; style-src * 'unsafe-inline'; font-src * data:; img-src * data: blob:; media-src 'self' * data: blob:; connect-src 'self' * blob:;
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (7)

Linked from (1)