srovnejto.cz

HTML metadata

Title: Srovnejto.cz – srovnávač pojištění, energií a půjček
Description: Online srovnávač cen povinného ručení, havarijního a cestovního pojištění, plynu a elektřiny. Srovnejte, sjednejte a ušetřete!
Canonical: https://www.srovnejto.cz/

Open Graph

url: https://www.srovnejto.cz/
title: Srovnejto.cz – srovnávač pojištění, energií a půjček
image:: https://img2.storyblok.com/1200x627/filters:format(jpg)/f/124222/1570x753/45f547204f/srovnejto_main_header.webp
site name: Srovnejto.cz

Technology

CDN: Amazon CloudFront
Server: nginx
CMS: Nuxt

Cookie consent

Cookiebot

Third-party hosts loaded (5)

img2.storyblok.com×65
a.storyblok.com×2
consent.cookiebot.com×1
dev.visualwebsiteoptimizer.com×1
kit.fontawesome.com×1

Social

Contact

Email

podpora@srovnejto.cz

Phone

800444455

Registration

Registrar

REG-INTERNET-CZ

Created

2008-05-11

Expires

2027-05-10 343 days left

Updated

2025-10-14

Name servers

ns-1466.awsdns-55.org
ns-1776.awsdns-30.co.uk
ns-407.awsdns-50.com
ns-966.awsdns-56.net

DNS records live

NS

ns-1466.awsdns-55.org
ns-1776.awsdns-30.co.uk
ns-407.awsdns-50.com
ns-966.awsdns-56.net

MX

0 srovnejto-cz.mail.protection.outlook.com

TXT

38988eaacdd6499d1ec5acf404c89d8e.srovnejto.cz
atlassian-sending-domain-verification=68725b38-25b2-48d6-8b33-15647117efce

Verified for

Atlassian
Google
Meta
Microsoft 365
Yandex

Email authentication strong

SPF

v=spf1 a mx ip4:82.208.7.212 ip4:62.109.134.25 a:epojisteni.cz/24 include:spf.boldem.cz include:_spf.google.com ip4:167.89.0.0/17 ip4:168.245.0.0/17 include:amazonses.com include:spf.protection.outlook.com ~all

softfail (~all)

DMARC

v=DMARC1;p=reject;sp=reject;rua=mailto:pgef7pjm@ag.eu.dmarcadvisor.com;

policy: reject (enforced) · sp=reject

DKIM

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1M3w+/FrGAK8LJrrLkUwzfDqm8X4nkJmhBUGGGC8WZ5D5eGe+VNond94Wu60usn4z3fVOlzDS9neDh5AU85…
selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4Hc4vM0axjngN9SwPsKG83P9F82R+s39LK/UpfegoXTGHoQItBXHlpQy2qSD1TP6M55xGUbJdyWKx…
mail: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1M3w+/FrGAK8LJrrLkUwzfDqm8X4nkJmhBUGGGC8WZ5D5eGe+VNond94Wu60usn4z3fVOlzDS9neDh5AU85…

selectors probed

Certificate (current)

R13

from 2026-05-24 to 2026-08-22

Expires in 83 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.srovnejto.cz/

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
permissions-policy: camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=()
x-content-type-options: nosniff
content-security-policy: font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self' https://*.storyblok.com; img-src 'self' data: blob: https: 'unsafe-inline'; object-src 'none'; style-src 'self' https: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleadservices.com *.google.com *.hyponamiru.cz *.visualwebsiteoptimizer.com *.vwo.com *.gstatic.com *.fontawesome.com *.cookiebot.eu *.cookiebot.com *.facebook.net *.twitter.com *.seznam.cz *.bots.sefbot.cz *.smartform.cz *.googleapis.com *.botsrv2.com *.msgok.net *.bing.com *.clarity.ms *.tiktok.com *.performax.cz *.leady.com *.doubleclick.net *.storyblok.com *.datadoghq-browser-agent.com *.datadoghq.eu *.trustindex.io *.go2sdk.com; upgrade-insecure-requests;
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: same-origin