kvetinydnes.cz

HTML metadata

Technology

Server

Apache

jQuery

1.11.0 known XSS (<3.5)

Social widgets

• YouTube Embed

Third-party hosts loaded (5)

• www.youtube.com×6
• c.imedia.cz×1
• www.facebook.com×1
• www.kudyznudy.cz×1
• youtu.be×1

Social

• facebook

Contact

Email

• obchod@kvetinydnes.cz

DNS records live

NS

• ns1.ignum.com
• ns2.ignum.cz

MX

Show 7 MX records

• 10 aspmx.l.google.com
• 20 alt1.aspmx.l.google.com
• 20 alt2.aspmx.l.google.com
• 30 aspmx2.googlemail.com
• 30 aspmx3.googlemail.com
• 30 aspmx4.googlemail.com
• 30 aspmx5.googlemail.com

TXT

• v8kf1ls6g4ptl7t6vp29dg9wvdrw4ckj

Email authentication partial

SPF

v=spf1 a mx ip4:89.185.227.44 include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:webdev@datapro.cz;

policy: none (monitoring only)

DKIM

• default: v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQ6rGNyVXUH4+T3v07FZD+ftxy3MvWsXrE1ehGtBTDoK25tfipTImru3kEM+0BJkHhHI…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.kvetinydnes.cz/

present

• strict-transport-security
• x-frame-options

findings

• missing Content Security Policy
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (11)

• umelekvetiny.net×1
• umelekvetiny-shop.cz×1
• pro-darky.cz×1
• kvetinace-shop.cz×1
• kudyznudy.cz×1
• facebook.com×1
• eflora.cz×1
• e-kvetinace.com×1
• datapro.cz×1
• balkonovekvetiny.cz×1
• aranzovna.cz×1

Linked from (2)

• e-kvetinace.com×1
• balkonovekvetiny.cz×1