nzm.cz

HTML metadata

Title: Národní zemědělské muzeum, s. p. o.
Language: cs

Open Graph

site name: Národní zemědělské muzeum, s. p. o.

Technology

Server: Apache
CMS: Gatsby
jQuery: 3.2.1 known XSS (<3.5)
Stack: PHP

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (5)

fonts.gstatic.com×2
www.googletagmanager.com×2
fonts.googleapis.com×1
kookiecheck.cz×1
www.facebook.com×1

Social

Contact

Address: Náměstí Svobody 8, 691 42 Valtice

Registration

Registrar

REG-ACTIVE24

Created

2004-05-19

Expires

2027-05-18 351 days left

Updated

2025-11-09

Name servers

ns1.websupport.cz
ns2.websupport.cz
ns3.websupport.eu

DNS records live

NS

ns1.websupport.cz
ns2.websupport.cz
ns3.websupport.eu

MX

0 nzm-cz.mail.protection.outlook.com

Verified for

Google
Microsoft 365

Email authentication partial

SPF

v=spf1 ip4:213.195.199.162 ip4:213.195.199.164 ip4:95.168.212.207 ip4:185.64.219.200 a:mail1.colosseum.eu include:spf.protection.outlook.com include:spf.nethost.cz -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:mail_report@nzm.cz; ruf=mailto:mail_report@nzm.cz; adkim=r; aspf=r; rf=afrf

policy: none (monitoring only)

DKIM

Show 4 DKIM selectors

default: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkqiSTGcYycHoqJ1JT3OZWUZqcnCcQut5HSX6MpAOBnNp2e7YPs38A4iTt3lS/AZvCfnMyiaZdpRCe1foZ7pgVnzOcDoj…
selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyq9l19fCKCveeFXsyJY07P7ysRgIZCH7w/51mx4kr/yPsJbF7ZPeu/7ljGMiibIWep64cndctISUvA…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwu6Jjn4HiNEgV/4VUR+01VYjvBRKhubt04UCnxV2HWiL0WRpZXDN5bJSDgJpsj/LaYpoIxf+b0ASY6Ehe6…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDG/NGzPAruxvSCAVoRQn5VlgDFS12q8ztz6TLrHyHCHOSXqRxPGMeH0kHNzb78ztcTszvFhKTVFTQfZXfGaTnLvB…

selectors probed

Certificate (current)

R13

from 2026-04-13 to 2026-07-12

Expires in 42 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://www.nzm.cz/

present

content-security-policy-report-only
x-frame-options
x-content-type-options
referrer-policy

findings

missing HSTS
missing Content Security Policy
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy-report-only: upgrade-insecure-requests; default-src 'none'; object-src 'self'; media-src 'self'; connect-src 'self'; frame-ancestors 'none'; frame-src https://www.youtube.com; img-src 'self' data: https://www.google-analytics.com https://maps.gstatic.com https://csi.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'nonce-3a46ce7a697adb493d25a0a9fc245d5e9b207126' 'sha256-NeueIEO8rwnaeJW0jYHRwrarPP+KzGzhk6xBJ06ntlw=' https://www.google-analytics.com https://maps.googleapis.com https://maps.gstatic.com https://maps.googleapis.com;