nemeckespotrebice.cz
HTML metadata
Technology
- Server
- Apache
- jQuery
- 1.8.2 known XSS (<3.5)
- Stack
- PHP
Third-party hosts loaded (2)
- i.elektrocz.com×26
- static.elektrocz.com×2
Registration
- Registrar
- REG-WEB4U
- Created
- 2014-02-28
- Expires
- 2027-02-27 271 days left
- Updated
- 2014-02-28
- Name servers
-
- ns2.web4u.cz
- ns.web4u.cz
DNS records live
- NS
-
- ns.web4u.cz
- ns2.web4u.cz
- MX
-
- 10 nemeckespotrebice-cz.mail.protection.outlook.com
Email authentication weak
- SPF
-
v=spf1 ip4:89.31.41.66 ip4:81.2.216.54 include:spf.protection.outlook.com ~allsoftfail (~all) - DMARC
- not published
- DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApb93MgUB1WL/e/4zsHQkCaftmwUU9Nt5YRe54+CalAixCv+Gq/pbOz7n8T/3iL14QqH1RjgCvFvPO0…
selectors probed - selector1:
Certificate (current)
Alpiro RSA DV SSL CA 2
Expires in 185 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
upgrade-insecure-requests;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.twistopay.com *.doubleclick.net *.googleadservices.com *.google-analytics.com *.googletagmanager.com *.imedia.cz *.flixfacts.com *.flix360.com *.flixcar.com *.channelsight.com *.heureka.cz *.heureka.sk *.heureka.group *.createjs.com *.livechatinc.com *.seznam.cz *.zbozi.cz unpkg.com *.unpkg.com- strict-transport-security
max-age=31536000; includeSubDomains; preload