sushitime.cz

HTML metadata

Technology

Server

openresty

jQuery

1.10.2 known XSS (<3.5)

Stack

PHP

Analytics

• Google Tag Manager

Third-party hosts loaded (1)

• www.googletagmanager.com×1

Social

• facebook
• twitter
• instagram

DNS records live

NS

• ns.gransy.com
• ns2.gransy.com
• ns3.gransy.com
• ns4.gransy.com
• ns5.gransy.com

MX

• 10 sushitime-cz.mail.protection.outlook.com

Verified for

• Microsoft 365

Email authentication strong

SPF

v=spf1 a mx include:servers.mcsv.net include:spf.protection.outlook.com include:_spf.websupport.sk -all

strict (-all)

DMARC

v=DMARC1; p=reject; pct=100

policy: reject (enforced)

DKIM

• k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
• mail: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvgXyY57JuAY67YoniUtlb4NyCZWPd4ZnUoF8H44TxYs55vcAFVOCpN5E26IPLoTNzURrJFpiHw774nw/wqi…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://www.sushitime.cz/

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing content type protection
• missing Referrer Policy
• missing Permissions Policy

Links to (3)

• twitter.com×1
• instagram.com×1
• facebook.com×1

Linked from (1)

• brumlovka.cz×1