indexo.dev

inasport.eu

.eu crawl

First seen 2026-05-28 · Last seen 2026-05-30 · ok HTTP/1.1 200 987 ms crawled 2026-05-30

FR · 178.32.252.114 · AS16276 OVH SAS

Reputation 94/100 dmarc monitor-only

sector sports type homepage

HTML metadata

Title
INA SPORT – distributor sportovních značek | inasport.eu
Description
Výhradní distributor značek pro zimní sporty, týmové sporty a outdoor pro ČR, SK, PL a HU.
Language
cs

Technology

Server
nginx
CMS
Gatsby
Analytics
  • Google Tag Manager

Third-party hosts loaded (4)

  • scontent-waw2-1.cdninstagram.com×3
  • scontent-waw2-2.xx.fbcdn.net×3
  • scontent-waw2-2.cdninstagram.com×2
  • www.googletagmanager.com×1

Social

Contact

Phone

DNS records live

NS
  • inet.faster.cz
  • inet.zelenadata.cz
MX
  • 0 inasport-eu.mail.protection.outlook.com
Verified for
  • Google
  • Microsoft 365

Email authentication partial

SPF
v=spf1 mx include:_spf.faster.cz include:_spf.contimex.cz ip4:81.2.197.120 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:rua-9c2d47554fad4894@dmarc-reports.leadhub.co; ruf=mailto:ruf-9c2d47554fad4894@dmarc-reports.leadhub.co;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

ZeroSSL ECC DV SSL CA 2
from 2026-05-13 to 2026-08-12
Expires in 72 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.inasport.eu/cs/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
same-origin
x-frame-options
DENY
permissions-policy
accelerometer=(), autoplay=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=()
x-content-type-options
nosniff
content-security-policy
font-src 'self' fonts.gstatic.com cdnjs.cloudflare.com; connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.googlesyndication.com *.g.doubleclick.net *.google.com *.google.cz *.cookiehub.net *.cookiehub.eu *.hotjar.io *.smartsuppchat.com *.smartsuppcdn.com *.smartsupp.com wss://*.smartsupp.com *.facebook.com *.smartlook.cloud; default-src 'self' www.google.com/recaptcha/ www.googletagmanager.com www.youtube.com/embed/ *.doubleclick.net www.youtube-nocookie.com/embed/; img-src 'self' data: *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.googlesyndication.com *.g.doubleclick.net *.google.com *.google.cz c.seznam.cz/retargeting *.doubleclick.net *.facebook.com *.mapbox.com *.fbcdn.net *.cdninstagram.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com/recaptcha/ www.gstatic.com/recaptcha/ *.googletagmanager.com *.g.doubleclick.net c.seznam.cz *.cookiehub.net *.cookiehub.eu *.google-analytics.com *.smartsuppchat.co
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy
same-origin; report-to="default"
cross-origin-embedder-policy
unsafe-none; report-to="default"
cross-origin-resource-policy
same-origin

Links to (6)

Linked from (2)