indexo.dev

oltisport.cz

.cz crawl

First seen 2026-06-02 · Last seen 2026-06-03 · ok HTTP/1.1 200 487 ms crawled 2026-06-03

CZ · 217.16.184.12 · AS43541 VSHosting s.r.o.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Oltisport
Language
cs

Technology

Server
nginx
PHP
8.4.21
Analytics
  • Google Tag Manager

Third-party hosts loaded (5)

  • maps.googleapis.com×3
  • oltisport-dev.mcrai.eu×2
  • oltisport.mcrai.eu×2
  • widget.packeta.com×1
  • www.googletagmanager.com×1

Registration

Registrar
REG-WEBSUPPORT
Created
2021-03-03
Expires
2027-03-02 271 days left
Updated
2026-02-18
Name servers
  • ns1.websupport.sk
  • ns2.websupport.sk
  • ns3.websupport.sk

DNS records live

NS
  • ns1.websupport.sk
  • ns2.websupport.sk
  • ns3.websupport.sk
MX
  • 10 mail.oltisport.cz

Email authentication partial

SPF
v=spf1 a mx include:_spf.myshoptet.com include:servers.mcsv.net ip4:217.16.184.12 ~all
softfail (~all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
selectors probed

Certificate (current)

R12
from 2026-05-21 to 2026-08-19
Expires in 77 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.oltisport.cz/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), bluetooth=(), camera=(self), gamepad=(), geolocation=(self 'https://b2c.cpost.cz' 'https://widget.packeta.com' 'https://hd.widget.packeta.com'), gyroscope=(), magnetometer=(), microphone=(), midi=(), serial=(), usb=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' localhost:* https://mcrai.eu https://*.mcrai.eu; script-src 'self' 'nonce-7ad5e42a62ac78dbfe7dc703a02bcd77' localhost:* https://mcrai.eu https://*.mcrai.eu https://google.com https://*.google.com https://googleapis.com https://*.googleapis.com https://*.googletagmanager.com https://cookie-script.com https://*.cookie-script.com https://tiny.cloud https://*.tiny.cloud https://*.im9.cz https://connect.facebook.net https://*.facebook.com https://c.seznam.cz https://bat.bing.net https://bat.bing.com; style-src 'self' 'unsafe-inline' localhost:* https://mcrai.eu https://*.mcrai.eu https://googleapis.com https://*.googleapis.com https://tiny.cloud https://*.tiny.cloud https://typekit.net https://*.typekit.net; img-src 'self' data: blob: localhost:* https:; font-src 'self' localhost:* https://mcrai.eu https://*.mcrai.eu https://gstatic.com https://*.gstatic.com https://typekit.net https://*.typekit.net; connect-src 'self' localhost:* https://mcrai.eu https://*.mcrai.eu https
strict-transport-security
max-age=31536000

Linked from (2)