marvelgym.cz

.cz crawl

First seen 2026-06-03 · Last seen 2026-06-03 · ok HTTP/1.1 200 467 ms crawled 2026-06-03

CZ · 90.182.206.241 · AS5610 O2 Czech Republic, a.s.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: MarvelGym – Moderní Industriální Fitness Club | MarvelGym
Description: MarvelGym Mladá Boleslav. Surová síla, industriální prostory, osobní trenéři a skupinové lekce, které tě posunou dál. Přijď si zacvičit!
Language: cs
Canonical: https://www.marvelgym.cz/

Open Graph

url: https://www.marvelgym.cz/
title: MarvelGym – Moderní Industriální Fitness Club | MarvelGym
description: MarvelGym Mladá Boleslav. Surová síla, industriální prostory, osobní trenéři a skupinové lekce, které tě posunou dál. Přijď si zacvičit!

Technology

Server: FCR

Third-party hosts loaded (1)

images.unsplash.com×3

Social

Contact

Phone

+420 123 456 789

Address

Tovární 123, 293 01, Mladá Boleslav, CZ

Registration

Registrar

REG-BANAN

Created

2016-03-15

Expires

2027-03-14 282 days left

Updated

2016-09-08

Name servers

ns1.fcrmedia.com
ns2.fcrmedia.com

DNS records live

NS

ns1.fcrmedia.com
ns2.fcrmedia.com

MX

10 mail.mediatel-hosting.sk

Email authentication weak

SPF: v=spf1 ip4:90.182.206.224/27 mx include:marvelgym.cz -all
strict (-all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

R13

from 2026-05-26 to 2026-08-24

Expires in 81 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://marvelgym.cz/

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: camera=(), microphone=(), geolocation=(), interest-cohort=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; font-src 'self' data: https:; connect-src 'self' https://sentry.fcrmedia.com https://app.marvelgym.dev2.fcrtech.cz https://app.marvelgym.cz https://feeds.behold.so; frame-src 'self' https://*.gopay.com https://*.gopay.cz; object-src 'none'; base-uri 'self'; form-action 'self';

Links to (1)

instagram.com×1

Linked from (1)

swagliftday.com×1