https://www.svetilainluci.si/

Scan ID:: 7a6d0629-9ec7-4d1e-b669-620964a48bf9Finished
Submitted URL:: https://www.svetilainluci.si/
Report Finished:: Dec 16, 2024, 22:18:21

Risks · 0 found

Practices that may pose security risks

Security Headers · 3 found

HTTP response headers that can harden the security of a web application

Name	Value	Support	Info
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload	Good	Declare that a website is only accessible over a secure connection (HTTPS). Click to learn more...
X-Frame-Options	SAMEORIGIN	Good	Indicate whether a browser should be allowed to render a page in a <frame>, <iframe>, <embed> or <object>. Click to learn more...
X-Content-Type-Options	—	Good	Indicate that the MIME types advertised in the Content-Type headers should be followed and not be changed. Click to learn more...
Content-Security-Policy	—	Good	Control resources the user agent is allowed to load for a given page. Click to learn more...
Referrer-Policy	—	Good	Control how much referrer information should be included with requests. Click to learn more...
Clear-Site-Data	—	Good	Control the data stored by a client browser for their origins. Click to learn more...
X-Permitted-Cross-Domain-Policies	—	Good	Control whether a web client such as Adobe Flash Player or Adobe Acrobat has permission to handle data across domains. Click to learn more...
Permissions-Policy	—	New	Allow and deny the use of browser features in a document or iframe. Click to learn more...
Cross-Origin-Embedder-Policy	—	New	Configure embedding cross-origin resources into the document. Click to learn more...
Cross-Origin-Opener-Policy	—	New	Ensure a top-level document does not share a browsing context group with cross-origin documents. Click to learn more...
Cross-Origin-Resource-Policy	—	New	Request that the browser blocks no-cors cross-origin/cross-site requests to the given resource. Click to learn more...
X-XSS-Protection	1; mode=block;	Deprecated	Deprecated. Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. Click to learn more...
Feature-Policy	—	Deprecated	Deprecated. Replaced by the Permissions-Policy header. Click to learn more...
Expect-CT	—	Deprecated	Deprecated. Opt in to reporting and/or enforcement of Certificate Transparency requirements. Click to learn more...
Public-Key-Pins	—	Deprecated	Deprecated. Allows HTTPS websites to resist impersonation by attackers using mis-issued or otherwise fraudulent certificates. Click to learn more...

Security Violations · 20 found

Requests or resources offending security policies

Violation	Type	Info
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to load the script 'https://gtm.svetilainluci.si/ambbblui.js?st=KN5Q53K' because it violates the following Content Security Policy directive: "script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com amcglobal.sc.omtrdc.net .magento-ds.com use.typekit.net .typekit.net google.com .google.com .adyen.com .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com consent.cookiebot.com mintminds.fittinq.com cdn.evgnet.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to load the script 'https://gtm.svetilainluci.si/gpt_ads-public.js' because it violates the following Content Security Policy directive: "script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com amcglobal.sc.omtrdc.net .magento-ds.com use.typekit.net .typekit.net google.com .google.com .adyen.com .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com consent.cookiebot.com mintminds.fittinq.com cdn.evgnet.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to load the script 'https://consent.cookiebot.eu/uc.js?cbid=a3f1db5e-1ca1-4fd6-89a9-9b8eddd1c8e9&implementation=gtm&consentmode-dataredaction=dynamic' because it violates the following Content Security Policy directive: "script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com amcglobal.sc.omtrdc.net .magento-ds.com use.typekit.net .typekit.net google.com .google.com .adyen.com .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com consent.cookiebot.com mintminds.fittinq.com cdn.evgnet.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to load the script 'https://gtm.svetilainluci.si/gtag/js?id=G-H808P8FFNQ&l=dataLayer&cx=c&gtm=45He4cc1v77749973za200' because it violates the following Content Security Policy directive: "script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com amcglobal.sc.omtrdc.net .magento-ds.com use.typekit.net .typekit.net google.com .google.com .adyen.com .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com consent.cookiebot.com mintminds.fittinq.com cdn.evgnet.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to load the script 'https://client.prod.mplat-ppcprotect.com/PgAAXezNkUqmrZPVflANNSKd8pddT-CK_vnG2S0A_js.js' because it violates the following Content Security Policy directive: "script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com amcglobal.sc.omtrdc.net .magento-ds.com use.typekit.net .typekit.net google.com .google.com .adyen.com .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com consent.cookiebot.com mintminds.fittinq.com cdn.evgnet.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to load the script 'https://consent.cookiebot.eu/a3f1db5e-1ca1-4fd6-89a9-9b8eddd1c8e9/cc.js?renew=false&referer=www.svetilainluci.si&dnt=false&init=false' because it violates the following Content Security Policy directive: "script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com amcglobal.sc.omtrdc.net .magento-ds.com use.typekit.net .typekit.net google.com .google.com .adyen.com .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com consent.cookiebot.com mintminds.fittinq.com cdn.evgnet.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://consent.cookiebot.eu/ Description [Report Only] Refused to frame 'https://consentcdn.cookiebot.eu/' because it violates the following Content Security Policy directive: "frame-src 'self' geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net .youtube.com .youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ .braintreegateway.com .paypal.com google.com .google.com www.googletagmanager.com .adyen.com https://plumrocket.com consentcdn.cookiebot.com gum.criteo.com qlfbrands.my.salesforce.com td.doubleclick.net fledge.eu.criteo.com www.facebook.com static.criteo.net qlflivechat.secure.force.com qlfbrands.my.salesforce-sites.com www.paypalobjects.com gumi.criteo.com www.awin1.com".	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to connect to 'https://click.prod.mplat-ppcprotect.com/v2/recv?lpn=n&plat=&data=%7B%22href%22%3A%22https%3A%2F%2Fwww.svetilainluci.si%2F%22%2C%22token%22%3A%22eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50X2lkIjoxNzM4Nn0.BNUyPZLJmiD6oCx8UzcM0m7-TNyHGrL21OFdPxiiru8%22%2C%22client_id%22%3A0%7D' because it violates the following Content Security Policy directive: "connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com .google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com .adobe.io performance.typekit.net .sentry.io .paypal.com google.com .google.com .adyen.com https://get.geojs.io .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com .evergage.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com .getflowbox.com eu.api.fpjs.io maps.googleapis.com pagead2.googlesyndication.com consentcdn.cookiebot.com .clarity.ms p.biano.nl p.biano.hu p.biano.ro p.biano.pt p.biano.it p.biano.sk p.biano.cz www.google.com www.google.nl px.ads.linkedin.com .criteo.com bat.bing.com cdn.growthbook.io www.facebook.com ct.beslist.nl stats.g.doubleclick.net vc.hotjar.io consent.cookiebot.com the.sciencebehindecommerce.com www.wepowerconnections.com qlfbrands-communities.force.com c.bannerflow.net .analytics.google.com *.googletagmanager.com 'self' 'unsafe-inline'".	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to connect to 'https://click.prod.mplat-ppcprotect.com/v2/recv?lpn=n&plat=&data=%7B%22href%22%3A%22https%3A%2F%2Fwww.svetilainluci.si%2F%22%2C%22token%22%3A%22eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50X2lkIjoxNzM4Nn0.BNUyPZLJmiD6oCx8UzcM0m7-TNyHGrL21OFdPxiiru8%22%2C%22client_id%22%3A0%7D' because it violates the following Content Security Policy directive: "connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com .google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com .adobe.io performance.typekit.net .sentry.io .paypal.com google.com .google.com .adyen.com https://get.geojs.io .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com .evergage.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com .getflowbox.com eu.api.fpjs.io maps.googleapis.com pagead2.googlesyndication.com consentcdn.cookiebot.com .clarity.ms p.biano.nl p.biano.hu p.biano.ro p.biano.pt p.biano.it p.biano.sk p.biano.cz www.google.com www.google.nl px.ads.linkedin.com .criteo.com bat.bing.com cdn.growthbook.io www.facebook.com ct.beslist.nl stats.g.doubleclick.net vc.hotjar.io consent.cookiebot.com the.sciencebehindecommerce.com www.wepowerconnections.com qlfbrands-communities.force.com c.bannerflow.net .analytics.google.com *.googletagmanager.com 'self' 'unsafe-inline'".	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://consent.cookiebot.eu/ Description [Report Only] Refused to frame 'https://consentcdn.cookiebot.eu/' because it violates the following Content Security Policy directive: "frame-src 'self' geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net .youtube.com .youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ .braintreegateway.com .paypal.com google.com .google.com www.googletagmanager.com .adyen.com https://plumrocket.com consentcdn.cookiebot.com gum.criteo.com qlfbrands.my.salesforce.com td.doubleclick.net fledge.eu.criteo.com www.facebook.com static.criteo.net qlflivechat.secure.force.com qlfbrands.my.salesforce-sites.com www.paypalobjects.com gumi.criteo.com www.awin1.com".	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to load the script 'https://js-agent.newrelic.com/nr-spa-1.275.0.min.js' because it violates the following Content Security Policy directive: "script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com amcglobal.sc.omtrdc.net .magento-ds.com use.typekit.net .typekit.net google.com .google.com .adyen.com .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com consent.cookiebot.com mintminds.fittinq.com cdn.evgnet.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to connect to 'https://gtm.svetilainluci.si/g/collect?v=2&tid=G-H808P8FFNQ&gtm=45je4cc1v9134208420z877749973za204zb77749973&_p=1734387510680&gcs=G100&gcd=13p3pPp2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&gdid=dMWZhNz&cid=497985284.1734387513&ecid=1419901132&ul=en-us&sr=1x1&_fplc=0&ir=1&ur=ES&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=denied&ec_mode=c&_eu=EA&sst.rnd=793672585.1734387513&sst.etld=google.es&sst.gcsub=region1&sst.adr=1&sst.us_privacy=1---&sst.tft=1734387510680&sst.ude=0&_s=1&sid=1734387512&sct=1&seg=0&dl=https%3A%2F%2Fwww.svetilainluci.si%2F&dt=Svetila%20na%20spletu%20%E2%80%93%20poi%C5%A1%C4%8Dite%20lu%C4%8Di%20tukaj%20%7C%20Svetilainluci&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type_meta_property=home&ep.content_group=home&ep.event_id=1734387512052.710953.containerloaded&ep.page_current_category=&ep.user_data._tag_mode=MANUAL&tfd=2834&richsstsse' because it violates the following Content Security Policy directive: "connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com .google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com .adobe.io performance.typekit.net .sentry.io .paypal.com google.com .google.com .adyen.com https://get.geojs.io .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com .evergage.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com .getflowbox.com eu.api.fpjs.io maps.googleapis.com pagead2.googlesyndication.com consentcdn.cookiebot.com .clarity.ms p.biano.nl p.biano.hu p.biano.ro p.biano.pt p.biano.it p.biano.sk p.biano.cz www.google.com www.google.nl px.ads.linkedin.com .criteo.com bat.bing.com cdn.growthbook.io www.facebook.com ct.beslist.nl stats.g.doubleclick.net vc.hotjar.io consent.cookiebot.com the.sciencebehindecommerce.com www.wepowerconnections.com qlfbrands-communities.force.com c.bannerflow.net .analytics.google.com *.googletagmanager.com 'self' 'unsafe-inline'".	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to connect to 'https://gtm.svetilainluci.si/g/collect?v=2&tid=G-H808P8FFNQ&gtm=45je4cc1v9134208420z877749973za204zb77749973&_p=1734387510680&gcs=G100&gcd=13p3pPp2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&gdid=dMWZhNz&cid=497985284.1734387513&ecid=1419901132&ul=en-us&sr=1x1&_fplc=0&ir=1&ur=ES&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=denied&ec_mode=c&_eu=EA&sst.rnd=793672585.1734387513&sst.etld=google.es&sst.gcsub=region1&sst.adr=1&sst.us_privacy=1---&sst.tft=1734387510680&sst.ude=0&_s=1&sid=1734387512&sct=1&seg=0&dl=https%3A%2F%2Fwww.svetilainluci.si%2F&dt=Svetila%20na%20spletu%20%E2%80%93%20poi%C5%A1%C4%8Dite%20lu%C4%8Di%20tukaj%20%7C%20Svetilainluci&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_type_meta_property=home&ep.content_group=home&ep.event_id=1734387512052.710953.containerloaded&ep.page_current_category=&ep.user_data._tag_mode=MANUAL&tfd=2834&richsstsse' because it violates the following Content Security Policy directive: "connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com .google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com .adobe.io performance.typekit.net .sentry.io .paypal.com google.com .google.com .adyen.com https://get.geojs.io .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com .evergage.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com .getflowbox.com eu.api.fpjs.io maps.googleapis.com pagead2.googlesyndication.com consentcdn.cookiebot.com .clarity.ms p.biano.nl p.biano.hu p.biano.ro p.biano.pt p.biano.it p.biano.sk p.biano.cz www.google.com www.google.nl px.ads.linkedin.com .criteo.com bat.bing.com cdn.growthbook.io www.facebook.com ct.beslist.nl stats.g.doubleclick.net vc.hotjar.io consent.cookiebot.com the.sciencebehindecommerce.com www.wepowerconnections.com qlfbrands-communities.force.com c.bannerflow.net .analytics.google.com *.googletagmanager.com 'self' 'unsafe-inline'".	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to connect to 'https://bam.eu01.nr-data.net/1/NRJS-c22f5f7fe03caa2631d?a=495179815&v=1.275.0&to=MhBSZQoZChUEBkdZWwtacVIMEQsISgZeQxsMG1RUAFcNCAEASw%3D%3D&rst=2970&ck=0&s=6fe00d1a8710da91&ref=https://www.svetilainluci.si/&ptid=8780450cbc3df7d9&af=err,spa,xhr,stn,ins&ap=1468&be=224&fe=2247&dc=1266&at=HldRE0IDGRs%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1734387510231,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:56,%22s%22:67,%22ce%22:112,%22rq%22:112,%22rp%22:224,%22rpe%22:369,%22di%22:900,%22ds%22:1487,%22de%22:1490,%22dc%22:2454,%22l%22:2455,%22le%22:2471%7D,%22navigation%22:%7B%7D%7D&fp=600&fcp=600' because it violates the following Content Security Policy directive: "connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com .google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com .adobe.io performance.typekit.net .sentry.io .paypal.com google.com .google.com .adyen.com https://get.geojs.io .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com .evergage.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com .getflowbox.com eu.api.fpjs.io maps.googleapis.com pagead2.googlesyndication.com consentcdn.cookiebot.com .clarity.ms p.biano.nl p.biano.hu p.biano.ro p.biano.pt p.biano.it p.biano.sk p.biano.cz www.google.com www.google.nl px.ads.linkedin.com .criteo.com bat.bing.com cdn.growthbook.io www.facebook.com ct.beslist.nl stats.g.doubleclick.net vc.hotjar.io consent.cookiebot.com the.sciencebehindecommerce.com www.wepowerconnections.com qlfbrands-communities.force.com c.bannerflow.net .analytics.google.com *.googletagmanager.com 'self' 'unsafe-inline'".	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://bf.lampenlicht.nl/scripts/animated-creative.1e2cab56d2448a944723.js Description [Report Only] Refused to load the script 'blob:https://www.svetilainluci.si/37f01cf9-e965-43ef-8c58-4e257cb1991a' because it violates the following Content Security Policy directive: "script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com amcglobal.sc.omtrdc.net .magento-ds.com use.typekit.net .typekit.net google.com .google.com .adyen.com .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com consent.cookiebot.com mintminds.fittinq.com cdn.evgnet.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to connect to 'https://bam.eu01.nr-data.net/events/1/NRJS-c22f5f7fe03caa2631d?a=495179815&v=1.275.0&to=MhBSZQoZChUEBkdZWwtacVIMEQsISgZeQxsMG1RUAFcNCAEASw%3D%3D&rst=3114&ck=0&s=6fe00d1a8710da91&ref=https://www.svetilainluci.si/&ptid=8780450cbc3df7d9' because it violates the following Content Security Policy directive: "connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com .google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com .adobe.io performance.typekit.net .sentry.io .paypal.com google.com .google.com .adyen.com https://get.geojs.io .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com .evergage.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com .getflowbox.com eu.api.fpjs.io maps.googleapis.com pagead2.googlesyndication.com consentcdn.cookiebot.com .clarity.ms p.biano.nl p.biano.hu p.biano.ro p.biano.pt p.biano.it p.biano.sk p.biano.cz www.google.com www.google.nl px.ads.linkedin.com .criteo.com bat.bing.com cdn.growthbook.io www.facebook.com ct.beslist.nl stats.g.doubleclick.net vc.hotjar.io consent.cookiebot.com the.sciencebehindecommerce.com www.wepowerconnections.com qlfbrands-communities.force.com c.bannerflow.net .analytics.google.com *.googletagmanager.com 'self' 'unsafe-inline'".	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://bf.lampenlicht.nl/scripts/animated-creative.1e2cab56d2448a944723.js Description [Report Only] Refused to load the script 'blob:https://www.svetilainluci.si/8a9f4fc4-7d0d-496c-81a2-bc16377f03ac' because it violates the following Content Security Policy directive: "script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com amcglobal.sc.omtrdc.net .magento-ds.com use.typekit.net .typekit.net google.com .google.com .adyen.com .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com consent.cookiebot.com mintminds.fittinq.com cdn.evgnet.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to connect to 'https://bam.eu01.nr-data.net/jserrors/1/NRJS-c22f5f7fe03caa2631d?a=495179815&v=1.275.0&to=MhBSZQoZChUEBkdZWwtacVIMEQsISgZeQxsMG1RUAFcNCAEASw%3D%3D&rst=13402&ck=0&s=6fe00d1a8710da91&ref=https://www.svetilainluci.si/&ptid=8780450cbc3df7d9' because it violates the following Content Security Policy directive: "connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com .google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com .adobe.io performance.typekit.net .sentry.io .paypal.com google.com .google.com .adyen.com https://get.geojs.io .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com .evergage.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com .getflowbox.com eu.api.fpjs.io maps.googleapis.com pagead2.googlesyndication.com consentcdn.cookiebot.com .clarity.ms p.biano.nl p.biano.hu p.biano.ro p.biano.pt p.biano.it p.biano.sk p.biano.cz www.google.com www.google.nl px.ads.linkedin.com .criteo.com bat.bing.com cdn.growthbook.io www.facebook.com ct.beslist.nl stats.g.doubleclick.net vc.hotjar.io consent.cookiebot.com the.sciencebehindecommerce.com www.wepowerconnections.com qlfbrands-communities.force.com c.bannerflow.net .analytics.google.com *.googletagmanager.com 'self' 'unsafe-inline'".	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://www.svetilainluci.si/ Description [Report Only] Refused to connect to 'https://bam.eu01.nr-data.net/events/1/NRJS-c22f5f7fe03caa2631d?a=495179815&v=1.275.0&to=MhBSZQoZChUEBkdZWwtacVIMEQsISgZeQxsMG1RUAFcNCAEASw%3D%3D&rst=13408&ck=0&s=6fe00d1a8710da91&ref=https://www.svetilainluci.si/&ptid=8780450cbc3df7d9' because it violates the following Content Security Policy directive: "connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com .google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com .adobe.io performance.typekit.net .sentry.io .paypal.com google.com .google.com .adyen.com https://get.geojs.io .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com .evergage.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com .getflowbox.com eu.api.fpjs.io maps.googleapis.com pagead2.googlesyndication.com consentcdn.cookiebot.com .clarity.ms p.biano.nl p.biano.hu p.biano.ro p.biano.pt p.biano.it p.biano.sk p.biano.cz www.google.com www.google.nl px.ads.linkedin.com .criteo.com bat.bing.com cdn.growthbook.io www.facebook.com ct.beslist.nl stats.g.doubleclick.net vc.hotjar.io consent.cookiebot.com the.sciencebehindecommerce.com www.wepowerconnections.com qlfbrands-communities.force.com c.bannerflow.net .analytics.google.com *.googletagmanager.com 'self' 'unsafe-inline'".	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...
Resource https://bf.lampenlicht.nl/scripts/animated-creative.1e2cab56d2448a944723.js Description [Report Only] Refused to load the script 'blob:https://www.svetilainluci.si/5b739360-d813-4d6b-ad6d-842d29dee7fc' because it violates the following Content Security Policy directive: "script-src geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com amcglobal.sc.omtrdc.net .magento-ds.com use.typekit.net .typekit.net google.com .google.com .adyen.com .avada.io lampenlicht.nl .lampenlicht.nl .webeyez.com firehose.eu-west-1.amazonaws.com cognito-identity.eu-west-1.amazonaws.com consent.cookiebot.com mintminds.fittinq.com cdn.evgnet.com *.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.	Content Security Policy	Control resources the user agent is allowed to load for a given page. Click to learn more...

Certificates · 13 found

SSL/TLS Certificates enable websites to encrypt transactions between the client and the server and provide server identity verification

Subject	Issue date	Expiry date
svetilainluci.si	Nov 12, 2024, 15:13:33	Feb 10, 2025, 15:13:32
lampenlicht.nl	Oct 22, 2024, 07:33:08	Jan 20, 2025, 07:33:07
mintminds.fittinq.com	Dec 6, 2024, 22:44:22	Mar 6, 2025, 22:44:21
cdn.evergage.com	Feb 14, 2024, 00:00:00	Feb 12, 2025, 23:59:59
bf.lampenlicht.nl	Dec 15, 2024, 05:33:37	Mar 15, 2025, 05:33:36
cdn.growthbook.io	Nov 23, 2024, 02:42:54	Feb 21, 2025, 02:42:53
consent.cookiebot.eu	Nov 28, 2024, 09:11:14	Feb 26, 2025, 09:11:13
*.prod.mplat-ppcprotect.com	Aug 21, 2024, 00:00:00	Sep 20, 2025, 23:59:59
bannerflow.net	Dec 2, 2024, 08:05:43	Mar 2, 2025, 08:05:42
consentcdn.cookiebot.eu	Nov 28, 2024, 09:11:15	Feb 26, 2025, 09:11:14