trhypraha.cz
trhypraha.cz
HTML metadata
Technology
- Server
- Apache
- jQuery
- 3.2.1 known XSS (<3.5)
- Stack
- PHP
- Fonts
-
- Google Fonts
Third-party hosts loaded (2)
- fonts.gstatic.com×2
- fonts.googleapis.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- ns1.websupport.cz
- ns2.websupport.cz
- ns3.websupport.eu
- MX
-
- 0 trhypraha-cz.mail.protection.outlook.com
Email authentication weak
- SPF
-
v=spf1 include:spf.protection.outlook.com include:aramit.net include:spf.nethost.cz -allstrict (-all) - DMARC
- not published
- DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC33BsEc0eHB/cIXuDKCacJXo8SjfG9or6maV3xukktjyiM1Acp82Zia3hQkdUKw3agp106aJx80wF+cAAvbi… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrg4nP/GXaEwis7u5GIug26Fw34l6ddtgxdB1ODzd0miatyl925JgM/+DGzzzPVJNFnQpOzEQEH09V…
selectors probed - selector1:
Certificate (current)
R13
Expires in 38 days
HTTP security headers
- present
-
- content-security-policy-report-only
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- missing HSTS
- missing Content Security Policy
- missing Permissions Policy
Header values
- referrer-policy
no-referrer- x-frame-options
DENY- x-content-type-options
nosniff- content-security-policy-report-only
upgrade-insecure-requests; default-src 'none'; object-src 'self'; media-src 'self'; connect-src 'self'; frame-ancestors 'none'; frame-src https://www.youtube.com; img-src 'self' data: https://www.google-analytics.com https://maps.gstatic.com https://csi.gstatic.com https://maps.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'nonce-f0bebd9ef7fc20d83b0155137a2e960ec20f36fa' 'sha256-NeueIEO8rwnaeJW0jYHRwrarPP+KzGzhk6xBJ06ntlw=' https://www.google-analytics.com https://maps.googleapis.com https://maps.gstatic.com https://maps.googleapis.com;
Links to (12)
Linked from (1)
- taiko.cz×1