https://www.drmax.cz/

ID scansione:: 60290692-2942-4960-a07b-275473756699Fatto
URL inviato:: https://www.drmax.cz/
Report terminato:: 17 dic 2024, 08:25:20

Rischi · 0 trovati

Pratiche che possono comportare rischi per la sicurezza

Intestazioni di sicurezza · 2 trovate

Intestazioni di risposta HTTP che possono rafforzare la sicurezza di un'applicazione Web

Nome	Valore	Supporto	Info
Strict-Transport-Security	max-age=31536000; includeSubDomains	Buono	Dichiara che un sito Web è accessibile solo tramite una connessione sicura (HTTPS). Fai clic per saperne di più...
X-Frame-Options	—	Buono	Indica se a un browser deve essere consentito di eseguire il rendering di una pagina in un <frame>, <iframe>, <embed> o <object>. Fai clic per saperne di più...
X-Content-Type-Options	nosniff	Buono	Indica che i tipi MIME pubblicizzati nelle intestazioni Content-Type devono essere seguiti e non modificati. Fai clic per saperne di più...
Content-Security-Policy	—	Buono	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...
Referrer-Policy	—	Buono	Controlla la quantità di informazioni sul referrer che devono essere incluse nelle richieste. Fai clic per saperne di più...
Clear-Site-Data	—	Buono	Controlla i dati memorizzati da un browser client per le loro origini. Fai clic per saperne di più...
X-Permitted-Cross-Domain-Policies	—	Buono	Controlla se un client Web come Adobe Flash Player o Adobe Acrobat dispone dell'autorizzazione per gestire i dati tra domini. Fai clic per saperne di più...
Permissions-Policy	—	Nuovo	Consenti e nega l'uso delle funzionalità del browser in un documento o iframe. Fai clic per saperne di più...
Cross-Origin-Embedder-Policy	—	Nuovo	Configura l'incorporamento di risorse multiorigine nel documento. Fai clic per saperne di più...
Cross-Origin-Opener-Policy	—	Nuovo	Assicurati che un documento di livello superiore non condivida un gruppo di contesti di navigazione con documenti di più origini. Fai clic per saperne di più...
Cross-Origin-Resource-Policy	—	Nuovo	Richiedere che il browser blocchi le richieste multiorigine/tra siti no-cor alla risorsa specificata. Fai clic per saperne di più...
X-XSS-Protection	—	Obsoleto	Obsoleto. Impedisce il caricamento delle pagine quando rilevano attacchi XSS (cross-site scripting) riflessi. Fai clic per saperne di più...
Feature-Policy	—	Obsoleto	Obsoleto. Sostituito dall'intestazione Permissions-Policy. Fai clic per saperne di più...
Expect-CT	—	Obsoleto	Obsoleto. Accetta la segnalazione e/o l'applicazione dei requisiti di trasparenza dei certificati. Fai clic per saperne di più...
Public-Key-Pins	—	Obsoleto	Obsoleto. Consente ai siti Web HTTPS di resistere alla rappresentazione da parte di autori di attacchi che utilizzano certificati emessi erroneamente o altrimenti fraudolenti. Fai clic per saperne di più...

Violazioni della sicurezza · 13 trovate

Richieste o risorse che violano le politiche di sicurezza

Violazione	Tipo	Info
Risorsa https://www.googletagmanager.com/gtm.js?id=GTM-PP52DD&l=dataLayerV2 Descrizione [Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/loader.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .algolia.net .algolianet.com .clarity.ms .cookiebot.com .drmax-cz.space .drmax-gl.space .drmax-gl.dev .drmax-sk.space .drmax.cz .drmax.net .drmax.sk .drmax.zone .drmax-gl.live .facebook.com .facebook.net .fbcdn.net .google-analytics.com .google.com .googleapis.com .hotjar.com .hotjar.io .instagram.com .sentry.io .twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.	Criteri di sicurezza dei contenuti	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...
Risorsa https://cdn-4.convertexperiments.com/static/v1/signals.observer.min.js Descrizione [Report Only] Refused to create a worker from 'blob:https://www.drmax.cz/d185fe53-f55f-4916-ae8d-e4aed6954261' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .algolia.net .algolianet.com .clarity.ms .cookiebot.com .drmax-cz.space .drmax-gl.space .drmax-gl.dev .drmax-sk.space .drmax.cz .drmax.net .drmax.sk .drmax.zone .drmax-gl.live .facebook.com .facebook.net .fbcdn.net .google-analytics.com .google.com .googleapis.com .hotjar.com .hotjar.io .instagram.com .sentry.io .twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'worker-src' was not explicitly set, so 'default-src' is used as a fallback.	Criteri di sicurezza dei contenuti	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...
Risorsa https://www.drmax.cz/ Descrizione [Report Only] Refused to create a worker from 'blob:https://www.drmax.cz/d185fe53-f55f-4916-ae8d-e4aed6954261' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .algolia.net .algolianet.com .clarity.ms .cookiebot.com .drmax-cz.space .drmax-gl.space .drmax-gl.dev .drmax-sk.space .drmax.cz .drmax.net .drmax.sk .drmax.zone .drmax-gl.live .facebook.com .facebook.net .fbcdn.net .google-analytics.com .google.com .googleapis.com .hotjar.com .hotjar.io .instagram.com .sentry.io .twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'worker-src' was not explicitly set, so 'default-src' is used as a fallback.	Criteri di sicurezza dei contenuti	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...
Risorsa https://web.cmp.usercentrics.eu/ui/loader.js Descrizione [Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .algolia.net .algolianet.com .clarity.ms .cookiebot.com .drmax-cz.space .drmax-gl.space .drmax-gl.dev .drmax-sk.space .drmax.cz .drmax.net .drmax.sk .drmax.zone .drmax-gl.live .facebook.com .facebook.net .fbcdn.net .google-analytics.com .google.com .googleapis.com .hotjar.com .hotjar.io .instagram.com .sentry.io .twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.	Criteri di sicurezza dei contenuti	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...
Risorsa https://web.cmp.usercentrics.eu/ui/loader.js Descrizione [Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .algolia.net .algolianet.com .clarity.ms .cookiebot.com .drmax-cz.space .drmax-gl.space .drmax-gl.dev .drmax-sk.space .drmax.cz .drmax.net .drmax.sk .drmax.zone .drmax-gl.live .facebook.com .facebook.net .fbcdn.net .google-analytics.com .google.com .googleapis.com .hotjar.com .hotjar.io .instagram.com .sentry.io .twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.	Criteri di sicurezza dei contenuti	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...
Risorsa https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js Descrizione [Report Only] Refused to connect to 'https://v1.api.service.cmp.usercentrics.eu/latest/core/_9-1Z62sbLkx-Z' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .algolia.net .algolianet.com .clarity.ms .cookiebot.com .drmax-cz.space .drmax-gl.space .drmax-gl.dev .drmax-sk.space .drmax.cz .drmax.net .drmax.sk .drmax.zone .drmax-gl.live .facebook.com .facebook.net .fbcdn.net .google-analytics.com .google.com .googleapis.com .hotjar.com .hotjar.io .instagram.com .sentry.io .twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.	Criteri di sicurezza dei contenuti	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...
Risorsa https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js Descrizione [Report Only] Refused to connect to 'https://v1.api.service.cmp.usercentrics.eu/latest/core/_9-1Z62sbLkx-Z' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .algolia.net .algolianet.com .clarity.ms .cookiebot.com .drmax-cz.space .drmax-gl.space .drmax-gl.dev .drmax-sk.space .drmax.cz .drmax.net .drmax.sk .drmax.zone .drmax-gl.live .facebook.com .facebook.net .fbcdn.net .google-analytics.com .google.com .googleapis.com .hotjar.com .hotjar.io .instagram.com .sentry.io .twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.	Criteri di sicurezza dei contenuti	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...
Risorsa https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js Descrizione [Report Only] Refused to connect to 'https://v1.api.service.cmp.usercentrics.eu/latest/1/cmp/cs/GDPR/_9-1Z62sbLkx-Z/7.1.4/7.1.4' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .algolia.net .algolianet.com .clarity.ms .cookiebot.com .drmax-cz.space .drmax-gl.space .drmax-gl.dev .drmax-sk.space .drmax.cz .drmax.net .drmax.sk .drmax.zone .drmax-gl.live .facebook.com .facebook.net .fbcdn.net .google-analytics.com .google.com .googleapis.com .hotjar.com .hotjar.io .instagram.com .sentry.io .twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.	Criteri di sicurezza dei contenuti	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...
Risorsa https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js Descrizione [Report Only] Refused to connect to 'https://v1.api.service.cmp.usercentrics.eu/latest/1/cmp/cs/GDPR/_9-1Z62sbLkx-Z/7.1.4/7.1.4' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .algolia.net .algolianet.com .clarity.ms .cookiebot.com .drmax-cz.space .drmax-gl.space .drmax-gl.dev .drmax-sk.space .drmax.cz .drmax.net .drmax.sk .drmax.zone .drmax-gl.live .facebook.com .facebook.net .fbcdn.net .google-analytics.com .google.com .googleapis.com .hotjar.com .hotjar.io .instagram.com .sentry.io .twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.	Criteri di sicurezza dei contenuti	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...
Risorsa https://web.cmp.usercentrics.eu/ui/loader.js Descrizione [Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/v/3.28.3/GdprCmpController.5b3825a7.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .algolia.net .algolianet.com .clarity.ms .cookiebot.com .drmax-cz.space .drmax-gl.space .drmax-gl.dev .drmax-sk.space .drmax.cz .drmax.net .drmax.sk .drmax.zone .drmax-gl.live .facebook.com .facebook.net .fbcdn.net .google-analytics.com .google.com .googleapis.com .hotjar.com .hotjar.io .instagram.com .sentry.io .twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.	Criteri di sicurezza dei contenuti	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...
Risorsa https://web.cmp.usercentrics.eu/ui/loader.js Descrizione [Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/v/3.28.3/GdprCmpController.5b3825a7.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .algolia.net .algolianet.com .clarity.ms .cookiebot.com .drmax-cz.space .drmax-gl.space .drmax-gl.dev .drmax-sk.space .drmax.cz .drmax.net .drmax.sk .drmax.zone .drmax-gl.live .facebook.com .facebook.net .fbcdn.net .google-analytics.com .google.com .googleapis.com .hotjar.com .hotjar.io .instagram.com .sentry.io .twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.	Criteri di sicurezza dei contenuti	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...
Risorsa https://www.drmax.cz/_nuxt/vendors/app/bf0052596e97f6be8164.js Descrizione [Report Only] Refused to connect to 'https://consent-api.service.consent.usercentrics.eu/consent/uw/3' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .algolia.net .algolianet.com .clarity.ms .cookiebot.com .drmax-cz.space .drmax-gl.space .drmax-gl.dev .drmax-sk.space .drmax.cz .drmax.net .drmax.sk .drmax.zone .drmax-gl.live .facebook.com .facebook.net .fbcdn.net .google-analytics.com .google.com .googleapis.com .hotjar.com .hotjar.io .instagram.com .sentry.io .twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.	Criteri di sicurezza dei contenuti	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...
Risorsa https://www.drmax.cz/_nuxt/vendors/app/bf0052596e97f6be8164.js Descrizione [Report Only] Refused to connect to 'https://consent-api.service.consent.usercentrics.eu/consent/uw/3' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: .algolia.net .algolianet.com .clarity.ms .cookiebot.com .drmax-cz.space .drmax-gl.space .drmax-gl.dev .drmax-sk.space .drmax.cz .drmax.net .drmax.sk .drmax.zone .drmax-gl.live .facebook.com .facebook.net .fbcdn.net .google-analytics.com .google.com .googleapis.com .hotjar.com .hotjar.io .instagram.com .sentry.io .twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.	Criteri di sicurezza dei contenuti	Controlla le risorse che l'agente utente può caricare per una determinata pagina. Fai clic per saperne di più...

Certificati · 16 trovati

I certificati SSL/TLS consentono ai siti Web di crittografare le transazioni tra il client e il server e fornire la verifica dell'identità del server

Oggetto	Data di emissione	Data di scadenza
drmax.cz	21 nov 2024, 18:06:04	19 feb 2025, 18:06:03
*.convertexperiments.com	11 set 2024, 00:00:00	10 set 2025, 23:59:59
cloudflareinsights.com	1 nov 2024, 08:16:38	30 gen 2025, 08:16:37
*.google-analytics.com	4 nov 2024, 08:37:47	27 gen 2025, 08:37:46
1382219112.rsc.cdn77.org	11 ott 2024, 10:55:09	9 gen 2025, 10:55:08
drmax.zone	10 nov 2024, 00:09:52	8 feb 2025, 00:09:51
*.luigisbox.com	6 mag 2024, 00:00:00	3 giu 2025, 23:59:59
consent.cookiebot.com	28 feb 2024, 00:00:00	27 feb 2025, 23:59:59
*.g.doubleclick.net	4 nov 2024, 08:37:47	27 gen 2025, 08:37:46
web.cmp.usercentrics.eu	26 nov 2024, 07:47:32	24 feb 2025, 08:42:27