sect-act-part-ca-ag.mablog.eu Open in urlscan Pro
2001:1ab0:7e1e:220:ed:0:140:40  Public Scan

Submitted URL: https://page-web-ca.firebaseapp.com/
Effective URL: https://sect-act-part-ca-ag.mablog.eu/CA2023/
Submission: On March 27 via manual from ES — Scanned from CA

Summary

This website contacted 15 IPs in 2 countries across 18 domains to perform 46 HTTP transactions. The main IP is 2001:1ab0:7e1e:220:ed:0:140:40, located in Czech Republic and belongs to IGNUM-AS Czech Republic, CZ. The main domain is sect-act-part-ca-ag.mablog.eu.
TLS certificate: Issued by R3 on March 18th 2023. Valid for: 3 months.
This is the only time sect-act-part-ca-ag.mablog.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
7 www.endora.cz sect-act-part-ca-ag.mablog.eu
www.endora.cz
3 www.googletagmanager.com sect-act-part-ca-ag.mablog.eu
www.googletagmanager.com
3 maxcdn.bootstrapcdn.com page-web-ca.firebaseapp.com
2 connect.facebook.net sect-act-part-ca-ag.mablog.eu
connect.facebook.net
2 apis.google.com sect-act-part-ca-ag.mablog.eu
apis.google.com
2 pagead2.googlesyndication.com sect-act-part-ca-ag.mablog.eu
pagead2.googlesyndication.com
1 www.facebook.com connect.facebook.net
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 fonts.googleapis.com client
1 www.googleadservices.com www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.gstatic.com www.google.com
1 www.google.com sect-act-part-ca-ag.mablog.eu
1 sect-act-part-ca-ag.mablog.eu
1 page-web-ca.firebaseapp.com
0 adservice.google.com Failed pagead2.googlesyndication.com
0 adservice.google.ca Failed pagead2.googlesyndication.com
0 partner.googleadservices.com Failed pagead2.googlesyndication.com
0 www.google.ca Failed sect-act-part-ca-ag.mablog.eu
0 stats.g.doubleclick.net Failed www.googletagmanager.com
0 analytics.google.com Failed www.googletagmanager.com
0 www.webglobe.cz Failed sect-act-part-ca-ag.mablog.eu
0 c.imedia.cz Failed www.googletagmanager.com
0 aww.moe Failed page-web-ca.firebaseapp.com
46 24

This site contains no links.

Subject Issuer Validity Valid
firebaseapp.com
GTS CA 1D4
2023-03-07 -
2023-06-05
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-12-30 -
2023-12-30
a year crt.sh
*.8u.cz
R3
2023-03-18 -
2023-06-16
3 months crt.sh
endora.cz
R3
2023-02-28 -
2023-05-29
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
www.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-10 -
2023-04-03
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh

This page contains 3 frames:

Primary Page: https://sect-act-part-ca-ag.mablog.eu/CA2023/
Frame ID: D7CB4CD7B9A995924FD8826BBF85DA05
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
Frame ID: F2459392BEDC30B1696C0B56C1D7E9CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&output=html&h=250&slotname=8624521180&adk=157814446&adf=677210104&pi=t.ma~as.8624521180&w=250&lmt=1679896198&format=250x250&url=https%3A%2F%2Fsect-act-part-ca-ag.mablog.eu%2FCA2023%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679896198639&bpp=4&bdt=1201&idt=186&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&correlator=5559200290079&frm=20&pv=2&ga_vid=1672208856.1679896199&ga_sid=1679896199&ga_hid=2045831836&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1137&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777876%2C44773810%2C44759837%2C31073107%2C31073262%2C44786500%2C44787455&oid=2&pvsid=1913540290819933&tmod=1105847509&uas=0&nvt=1&ref=https%3A%2F%2Fpage-web-ca.firebaseapp.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AK4LbKZEEk&p=https%3A//sect-act-part-ca-ag.mablog.eu&dtd=204
Frame ID: 5B1E9D001E6044EA594B806EE63D3D72
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://page-web-ca.firebaseapp.com/ Page URL
  2. https://sect-act-part-ca-ag.mablog.eu/CA2023/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

46
Requests

61 %
HTTPS

93 %
IPv6

18
Domains

24
Subdomains

15
IPs

2
Countries

1101 kB
Transfer

3395 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://page-web-ca.firebaseapp.com/ Page URL
  2. https://sect-act-part-ca-ag.mablog.eu/CA2023/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
page-web-ca.firebaseapp.com/
3 KB
1 KB
Document
General
Full URL
https://page-web-ca.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ab5045497fe34a5a455c024ae4750cdb2fd2af31dc4411cf4ee06310246cab6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
1109
content-type
text/html; charset=utf-8
date
Mon, 27 Mar 2023 05:49:54 GMT
etag
"558ca7d3bc524a3fd57b83368f26b285243fc348287a35cde9d0713cda90144f-br"
last-modified
Sat, 25 Mar 2023 17:29:19 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-yul12829-YUL
x-timer
S1679896195.718386,VS0,VE1
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: page-web-ca.firebaseapp.com
URL: https://page-web-ca.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://page-web-ca.firebaseapp.com/
Origin
https://page-web-ca.firebaseapp.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 05:49:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
940
age
9987
cdn-cachedat
11/29/2022 01:43:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b20652d607fe6358f95e0d822d2c9a34
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7ae55a514e2733f1-YUL
cdn-requestpullsuccess
True
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
23 KB
3 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
Requested by
Host: page-web-ca.firebaseapp.com
URL: https://page-web-ca.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://page-web-ca.firebaseapp.com/
Origin
https://page-web-ca.firebaseapp.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 05:49:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1070
age
9987
cdn-cachedat
01/17/2023 03:43:10
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"ab6b02efeaf178e0247b9504051472fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
bea4fe33a23a3e23f9f9e76919b6f39b
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7ae55a514e2833f1-YUL
cdn-requestpullsuccess
True
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: page-web-ca.firebaseapp.com
URL: https://page-web-ca.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://page-web-ca.firebaseapp.com/
Origin
https://page-web-ca.firebaseapp.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 05:49:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1029
age
9987
cdn-cachedat
01/02/2023 00:17:37
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b304ad0c8446051edfb91ee9668a8b57
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7ae55a514e2a33f1-YUL
cdn-requestpullsuccess
True
jyowta.css
aww.moe/
0
0

Primary Request /
sect-act-part-ca-ag.mablog.eu/CA2023/
18 KB
6 KB
Document
General
Full URL
https://sect-act-part-ca-ag.mablog.eu/CA2023/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1ab0:7e1e:220:ed:0:140:40 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software
nginx /
Resource Hash
efa87a768f0148054b815e1ff077efaddaed43f9dd8b7cf24333c869b6e62490

Request headers

Referer
https://page-web-ca.firebaseapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 27 Mar 2023 05:49:57 GMT
etag
W/"5d5ab281-4958"
server
nginx
webloader-web.css
www.endora.cz/webtemp/css/web/
424 KB
100 KB
Stylesheet
General
Full URL
https://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
Requested by
Host: sect-act-part-ca-ag.mablog.eu
URL: https://sect-act-part-ca-ag.mablog.eu/CA2023/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software
nginx /
Resource Hash
630cf96edce060fb45093270106cdf2388ad8d8887dad3dc56fb381adf894498

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 05:49:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Mar 2023 22:57:16 GMT
Server
nginx
ETag
W/"6418e4cc-69f06"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2419200
Connection
keep-alive
webloader-webHead.js
www.endora.cz/webtemp/css/webHead/
0
0
Script
General
Full URL
https://www.endora.cz/webtemp/css/webHead/webloader-webHead.js?1523432989
Requested by
Host: sect-act-part-ca-ag.mablog.eu
URL: https://sect-act-part-ca-ag.mablog.eu/CA2023/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

endoracz-freehosting-webhosting-zdarma.png
www.endora.cz/images/
0
0

ico-hosted.png
www.endora.cz/images/
0
0

ico-newfast.png
www.endora.cz/images/
0
0

ico-registeredcz.png
www.endora.cz/images/
0
0

adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
140 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sect-act-part-ca-ag.mablog.eu
URL: https://sect-act-part-ca-ag.mablog.eu/CA2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
cc4346ceb669756c899c86a325201c06a9a4ae206089746743afc8ba28d47a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 05:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48670
x-xss-protection
0
server
cafe
etag
9750345413751579896
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 27 Mar 2023 05:49:58 GMT
platebni-metody-freehostingu.png
www.endora.cz/images/
0
0

gopay.png
www.endora.cz/images/
3 KB
3 KB
Image
General
Full URL
https://www.endora.cz/images/gopay.png
Requested by
Host: sect-act-part-ca-ag.mablog.eu
URL: https://sect-act-part-ca-ag.mablog.eu/CA2023/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 05:49:58 GMT
Last-Modified
Mon, 17 Aug 2020 11:37:20 GMT
Server
nginx
ETag
"5f3a6bf0-b4a"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2890
plusone.js
apis.google.com/js/
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: sect-act-part-ca-ag.mablog.eu
URL: https://sect-act-part-ca-ag.mablog.eu/CA2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b0b3d5a94325093351e44a0492e75c971ae8fa724147b9409b2200fe103e6ad9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Mar 2023 05:49:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21023
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"4e24de520bcc7431"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Mar 2023 05:49:58 GMT
api.js
www.google.com/recaptcha/
852 B
877 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: sect-act-part-ca-ag.mablog.eu
URL: https://sect-act-part-ca-ag.mablog.eu/CA2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
7f90addfaeeda0676dbc7f5467938de83ad081cbb2ec64b4c5a2560dff262b98
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 05:49:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
557
x-xss-protection
1; mode=block
expires
Mon, 27 Mar 2023 05:49:58 GMT
webloader-web.js
www.endora.cz/webtemp/js/web/
612 KB
205 KB
Script
General
Full URL
https://www.endora.cz/webtemp/js/web/webloader-web.js?1560241543
Requested by
Host: sect-act-part-ca-ag.mablog.eu
URL: https://sect-act-part-ca-ag.mablog.eu/CA2023/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software
nginx /
Resource Hash
0916183c630f90de6848e05550b0bd25d595c947ab08163f9646070baec57453

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 05:49:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Mar 2023 22:57:13 GMT
Server
nginx
ETag
W/"6418e4c9-9903e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=29030400
Connection
keep-alive
gtm.js
www.googletagmanager.com/
249 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
Requested by
Host: sect-act-part-ca-ag.mablog.eu
URL: https://sect-act-part-ca-ag.mablog.eu/CA2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b56ff7529afb77e6aeee9408a0d1a073463d1c78f1a4923c83b55c861ee2d568
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 05:49:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87196
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Mar 2023 05:49:58 GMT
webloader-webPrint-print.css
www.endora.cz/webtemp/css/webPrint/
0
0

all.js
connect.facebook.net/cs_CZ/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/cs_CZ/all.js
Requested by
Host: sect-act-part-ca-ag.mablog.eu
URL: https://sect-act-part-ca-ag.mablog.eu/CA2023/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
67e25fddd7a9866463ce4b15b44dd9b179b119400ecc0a0d6f60811fd801d687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Mar 2023 05:49:58 GMT
content-md5
yW1STIE4w7XfoxaY8c8EZA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
puux4cBbMjiI5jXPw7DvIw9ALWXHby0ln/siVsqXKZN2vvgu0M2X4Jf1pS3sWyHtD7d7F0Bbj93mhj7Udd8EEg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
x-fb-content-md5
36256d89dec955948503b4229cc227c3
cross-origin-opener-policy
same-origin-allow-popups
etag
"0c914672253a694f3a008b63540dafa1"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 27 Mar 2023 05:58:57 GMT
header-bg-2.png
www.endora.cz/assets/web/css/
2 KB
2 KB
Image
General
Full URL
https://www.endora.cz/assets/web/css/header-bg-2.png
Requested by
Host: www.endora.cz
URL: https://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 05:49:58 GMT
Last-Modified
Mon, 17 Aug 2020 11:37:20 GMT
Server
nginx
ETag
"5f3a6bf0-7a1"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1953
slider-controls.png
www.endora.cz/assets/web/css/
2 KB
2 KB
Image
General
Full URL
https://www.endora.cz/assets/web/css/slider-controls.png
Requested by
Host: www.endora.cz
URL: https://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 05:49:58 GMT
Last-Modified
Mon, 17 Aug 2020 11:37:20 GMT
Server
nginx
ETag
"5f3a6bf0-6d4"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1748
socials.png
www.endora.cz/assets/web/css/
12 KB
12 KB
Image
General
Full URL
https://www.endora.cz/assets/web/css/socials.png
Requested by
Host: www.endora.cz
URL: https://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1ab0:7e1e:220:ed::4 , Czech Republic, ASN29134 (IGNUM-AS Czech Republic, CZ),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.endora.cz/webtemp/css/web/webloader-web.css?1559213366
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Mon, 27 Mar 2023 05:49:58 GMT
Last-Modified
Mon, 17 Aug 2020 11:37:20 GMT
Server
nginx
ETag
"5f3a6bf0-309f"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12447
all.js
connect.facebook.net/cs_CZ/
303 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/cs_CZ/all.js?hash=0cd726f2c0b4ae62c3b1a4be01578999
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6280c14e81f621d21f0d7ef08cbc9c72dcab992325df1cf0bf48eb8045282feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sect-act-part-ca-ag.mablog.eu/
Origin
https://sect-act-part-ca-ag.mablog.eu
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Mar 2023 05:49:58 GMT
content-md5
S1PVeN+B/KNb328mIm8/Zw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87065
x-fb-rlafr
0
x-fb-debug
7/4KUcHm1HhEDfj5TAlcBCmiOn7FP7A5pmRBln/0xr6xZd5fHwEIRyh/1UlRvXGjR0bBgRpRYz5N4u5PIcUiCA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e73391dc5d96d9698174f3dabd0388c9
cross-origin-opener-policy
same-origin-allow-popups
etag
"ec7d204bd2dc28d0785e2b7a8b6dad50"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 26 Mar 2024 04:16:43 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/
150 KB
52 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e4290af3fbde60e8a1ff2b7b958726ced60e9a92fecc0008d7b7a9ce1eee5da5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 15:44:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53023
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Mar 2024 15:44:11 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/
405 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sect-act-part-ca-ag.mablog.eu/
Origin
https://sect-act-part-ca-ag.mablog.eu
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sun, 26 Mar 2023 15:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166058
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 04:02:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Mar 2024 15:22:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Mar 2023 04:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6287
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 27 Mar 2023 06:05:11 GMT
retargeting.js
c.imedia.cz/js/
0
0

conversion_async.js
www.googleadservices.com/pagead/
43 KB
0
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 05:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15941
x-xss-protection
0
server
cafe
etag
13081576379604003182
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 27 Mar 2023 05:49:58 GMT
js
www.googletagmanager.com/gtag/
178 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-995118708
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb82bcd6b3c33d674bb5712ad553c93b134759aeb8535daef611db9fa6518624
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 05:49:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66223
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Mar 2023 05:49:58 GMT
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;500;700;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Mar 2023 05:49:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 05:33:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Mar 2023 05:49:58 GMT
js
www.googletagmanager.com/gtag/
197 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XFHYHKMEEW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5S8CZ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e8455aec99c03e9a7626fbd788b0cb7a285805a7b70281316e35dc11fa7d61b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 05:49:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72569
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 Mar 2023 05:49:58 GMT
815-cookie-icon.svg
www.webglobe.cz/upload/
0
0

WEBGLOBE_logo.svg
www.webglobe.cz/assets/front/img/
0
0

show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/
350 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 05:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119746
x-xss-protection
0
server
cafe
etag
8473844943419397532
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Mar 2023 05:49:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/ Frame F245
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230322/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sect-act-part-ca-ag.mablog.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
52109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 26 Mar 2023 15:21:29 GMT
etag
2378337311435320485
expires
Sun, 09 Apr 2023 15:21:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=1409391765942444&input_token&origin=1&redirect_uri=https%3A%2F%2Fsect-act-part-ca-ag.mablog.eu%2FCA2023%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/all.js?hash=0cd726f2c0b4ae62c3b1a4be01578999
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sect-act-part-ca-ag.mablog.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Mon, 27 Mar 2023 05:49:58 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
KT8MZlb9f0B7GGSh8hZTL0Ldvdv9GjMp+oc5GiIz0fMfqAO4vAeZJZU/WJG2Pyl4MgN63kN5wRThZiCGcj9syQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sect-act-part-ca-ag.mablog.eu
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/
0
0

collect
stats.g.doubleclick.net/g/
0
0

ga-audiences
www.google.ca/ads/
0
0

collect
www.google-analytics.com/j/
0
0

cookie.js
partner.googleadservices.com/gampad/
0
0

integrator.js
adservice.google.ca/adsid/
0
0

integrator.js
adservice.google.com/adsid/
0
0

ads
googleads.g.doubleclick.net/pagead/ Frame 5B1E
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aww.moe
URL
https://aww.moe/jyowta.css
Domain
www.endora.cz
URL
https://www.endora.cz/images/endoracz-freehosting-webhosting-zdarma.png
Domain
www.endora.cz
URL
https://www.endora.cz/images/ico-hosted.png
Domain
www.endora.cz
URL
https://www.endora.cz/images/ico-newfast.png
Domain
www.endora.cz
URL
https://www.endora.cz/images/ico-registeredcz.png
Domain
www.endora.cz
URL
https://www.endora.cz/images/platebni-metody-freehostingu.png
Domain
www.endora.cz
URL
https://www.endora.cz/webtemp/css/webPrint/webloader-webPrint-print.css?1523432989
Domain
c.imedia.cz
URL
https://c.imedia.cz/js/retargeting.js
Domain
www.webglobe.cz
URL
https://www.webglobe.cz/upload/815-cookie-icon.svg
Domain
www.webglobe.cz
URL
https://www.webglobe.cz/assets/front/img/WEBGLOBE_logo.svg
Domain
analytics.google.com
URL
https://analytics.google.com/g/collect?v=2&tid=G-XFHYHKMEEW&gtm=45je33m0&_p=2045831836&_gaz=1&cid=1672208856.1679896199&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679896198&sct=1&seg=0&dl=https%3A%2F%2Fsect-act-part-ca-ag.mablog.eu%2FCA2023%2F&dr=https%3A%2F%2Fpage-web-ca.firebaseapp.com%2F&dt=Dom%C3%A9na%20odstavena%7C%20Endora.cz&en=page_view&_fv=1&_nsi=1&_ss=1
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XFHYHKMEEW&cid=1672208856.1679896199&gtm=45je33m0&aip=1
Domain
www.google.ca
URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XFHYHKMEEW&cid=1672208856.1679896199&gtm=45je33m0&aip=1&z=1546336396
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2045831836&t=pageview&_s=1&dl=https%3A%2F%2Fsect-act-part-ca-ag.mablog.eu%2FCA2023%2F&dr=https%3A%2F%2Fpage-web-ca.firebaseapp.com%2F&ul=en-us&de=UTF-8&dt=Dom%C3%A9na%20odstavena%7C%20Endora.cz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1300913033&gjid=449099784&cid=1672208856.1679896199&tid=UA-5967828-26&_gid=1411014063.1679896199&_r=1&_slc=1&gtm=45He33m0n715S8CZ5&z=1204442402
Domain
partner.googleadservices.com
URL
https://partner.googleadservices.com/gampad/cookie.js?domain=sect-act-part-ca-ag.mablog.eu&callback=_gfp_s_&client=ca-pub-5207119889962754
Domain
adservice.google.ca
URL
https://adservice.google.ca/adsid/integrator.js?domain=sect-act-part-ca-ag.mablog.eu
Domain
adservice.google.com
URL
https://adservice.google.com/adsid/integrator.js?domain=sect-act-part-ca-ag.mablog.eu
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5207119889962754&output=html&h=250&slotname=8624521180&adk=157814446&adf=677210104&pi=t.ma~as.8624521180&w=250&lmt=1679896198&format=250x250&url=https%3A%2F%2Fsect-act-part-ca-ag.mablog.eu%2FCA2023%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679896198639&bpp=4&bdt=1201&idt=186&shv=r20230322&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&correlator=5559200290079&frm=20&pv=2&ga_vid=1672208856.1679896199&ga_sid=1679896199&ga_hid=2045831836&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1137&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44777876%2C44773810%2C44759837%2C31073107%2C31073262%2C44786500%2C44787455&oid=2&pvsid=1913540290819933&tmod=1105847509&uas=0&nvt=1&ref=https%3A%2F%2Fpage-web-ca.firebaseapp.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AK4LbKZEEk&p=https%3A//sect-act-part-ca-ag.mablog.eu&dtd=204

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| dataLayer

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://aww.moe/jyowta.css
Message:
Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR
network error URL: https://sect-act-part-ca-ag.mablog.eu/CA2023/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.endora.cz/webtemp/css/webHead/webloader-webHead.js?1523432989
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
analytics.google.com
apis.google.com
aww.moe
c.imedia.cz
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
page-web-ca.firebaseapp.com
pagead2.googlesyndication.com
partner.googleadservices.com
sect-act-part-ca-ag.mablog.eu
stats.g.doubleclick.net
www.endora.cz
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.webglobe.cz
adservice.google.ca
adservice.google.com
analytics.google.com
aww.moe
c.imedia.cz
googleads.g.doubleclick.net
partner.googleadservices.com
stats.g.doubleclick.net
www.endora.cz
www.google-analytics.com
www.google.ca
www.webglobe.cz
142.251.35.162
2001:1ab0:7e1e:220:ed:0:140:40
2001:1ab0:7e1e:220:ed::4
2606:4700::6812:bcf
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2004
2607:f8b0:4006:816::200a
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81e::200e
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::200e
2620:0:890::100
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
0916183c630f90de6848e05550b0bd25d595c947ab08163f9646070baec57453
0ab5045497fe34a5a455c024ae4750cdb2fd2af31dc4411cf4ee06310246cab6
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
6280c14e81f621d21f0d7ef08cbc9c72dcab992325df1cf0bf48eb8045282feb
630cf96edce060fb45093270106cdf2388ad8d8887dad3dc56fb381adf894498
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
67e25fddd7a9866463ce4b15b44dd9b179b119400ecc0a0d6f60811fd801d687
7e8455aec99c03e9a7626fbd788b0cb7a285805a7b70281316e35dc11fa7d61b
7f90addfaeeda0676dbc7f5467938de83ad081cbb2ec64b4c5a2560dff262b98
b0b3d5a94325093351e44a0492e75c971ae8fa724147b9409b2200fe103e6ad9
b56ff7529afb77e6aeee9408a0d1a073463d1c78f1a4923c83b55c861ee2d568
cc4346ceb669756c899c86a325201c06a9a4ae206089746743afc8ba28d47a6c
e4290af3fbde60e8a1ff2b7b958726ced60e9a92fecc0008d7b7a9ce1eee5da5
efa87a768f0148054b815e1ff077efaddaed43f9dd8b7cf24333c869b6e62490
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fb82bcd6b3c33d674bb5712ad553c93b134759aeb8535daef611db9fa6518624