indexo.dev

osa.cz

.cz crawl

First seen 2026-05-12 · Last seen 2026-05-18 · ok HTTP/1.1 200 11703 ms crawled 2026-05-18

CZ · 31.15.12.214 · AS25234 ACTIVE 24, s.r.o.

Reputation 100/100

Classifying

HTML metadata

Title
OSA, z.s. | OSA.CZ
Language
cs
Canonical
https://www.osa.cz/

Open Graph

url
https://www.osa.cz/
title
OSA, z.s.
site name
OSA.CZ

Technology

Server
nginx
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • osa.searchready.cz×1
  • www.googletagmanager.com×1

Social

Contact

Phone
Address
Čs. armády 786/20, 160 56 Praha 6

Registration

Registrar
REG-INTERNET-CZ
Created
1996-12-08
Expires
2027-10-20 517 days left
Updated
2013-09-23
Name servers
  • ns.forpsi.cz
  • ns.forpsi.it
  • ns.forpsi.net

DNS records live

NS
  • ns.forpsi.cz
  • ns.forpsi.it
  • ns.forpsi.net
MX
  • 0 osa-cz.mail.protection.outlook.com
Verified for
  • Atlassian
  • Meta
  • Microsoft 365
  • TeamViewer

Email authentication strong

SPF
v=spf1 mx ip4:85.207.59.176/28 ip6:2a02:a40:100:4ff::1:1/124 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1;p=reject;sp=reject;pct=100;adkim=s;aspf=s;rua=mailto:bhzgm0r3@ag.eu.dmarcian.com, mailto:7afc2bb65c@rua.easydmarc.eu,mailto:dmarc-info@osa.cz;ruf=mailto:7afc2bb65c@ruf.easydmarc.eu,mailto:dmarc-info@osa.cz;fo=0:1:d:s
policy: reject (enforced) · sp=reject
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+4MSyWOxkulto2B72pB3W3Hrx7eJ+XsTk32icX+MrIa7GCSILdvvXI5K6S0dtPokvygLwcUzf9tD0…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NkcryRUURwUQsY2b0llDwLccD6HSHD3dn653sWS2gsaAK2E9FqRl3GP3Z00wHrrEBWNu62QEqQpLH…
  • mail: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqJAV+ZsxUB0fF/XMF/CcZjRIsVsWNXl5Q035Uh5dk4B+Bw23PYborJy9Swq7wS/SXKql+J/FIGgHr…
selectors probed

Certificate (current)

Sectigo Public Server Authentication CA EV R36
from 2026-02-24 to 2027-03-28
Expires in 311 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.osa.cz/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self "https://www.youtube.com"), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; style-src 'self' 'unsafe-inline' *.googleapis.com; script-src 'nonce-d9xE/Yadg5rk5HSKIxPkRQ==' 'strict-dynamic' 'unsafe-inline' *.facebook.com *.google-analytics.com *.searchready.cz; img-src 'self' data: *.osa.cz *.youtube.com *.ytimg.com *.facebook.com *.google.cz *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleapis.com stats.g.doubleclick.net; font-src 'self' *.gstatic.com; frame-src 'self' www.google.com/recaptcha/ *.youtube.com *.youtube-nocookie.com *.facebook.com *.googletagmanager.com; connect-src 'self' *.facebook.com *.google-analytics.com *.searchready.cz; worker-src 'self'; object-src 'none'; base-uri 'self';
strict-transport-security
max-age=31536000; includeSubDomains

Links to (8)

Linked from (1)