www.michalspacek.com Open in urlscan Pro
2a05:d018:252:8f00:fe52:a8fb:27cb:748a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://michalspacek.com/overriding-http-response-content-in-chrome
Effective URL:
https://www.michalspacek.com/overriding-http-response-content-in-chrome
Submission: On January 31 via manual (January 31st 2024, 2:48:44 am UTC) from DE — Scanned from DE

Summary HTTP 17 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 17 HTTP transactions. The main IP is 2a05:d018:252:8f00:fe52:a8fb:27cb:748a, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.michalspacek.com.
TLS certificate: Issued by R3 on January 28th 2024. Valid for: 3 months.

This is the only time www.michalspacek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 18	2a05:d018:252... 2a05:d018:252:8f00:fe52:a8fb:27cb:748a		16509 (AMAZON-02) (AMAZON-02)
17	1

18 2a05:d018:252:8f00:fe52:a8fb:27cb:748a (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

michalspacek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.michalspacek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.michalspacek.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	michalspacek.cz www.michalspacek.cz	131 KB
2	michalspacek.com 1 redirects michalspacek.com www.michalspacek.com	7 KB
17	2

	Domain	Requested by
16	www.michalspacek.cz	www.michalspacek.com
1	www.michalspacek.com
1	michalspacek.com	1 redirects
17	3

This site contains links to these domains. Also see Links.

Domain
example.com
httpbin.org
creativecommons.org
www.linkedin.com
twitter.com
infosec.exchange
www.facebook.com
github.com
www.michalspacek.cz
upcwifikeys.com
pulse.michalspacek.cz

Subject Issuer	Validity	Valid
michalspacek.cz R3	`2024-01-28` - `2024-04-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.michalspacek.com/overriding-http-response-content-in-chrome
Frame ID: F594D3C2C1AEFAC1D6B488B9D26605B0
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Overriding HTTP response content in Chrome | Michal Špaček

Page URL History Show full URLs

http://michalspacek.com/overriding-http-response-content-in-chrome HTTP 307
https://michalspacek.com/overriding-http-response-content-in-chrome HTTP 301
https://www.michalspacek.com/overriding-http-response-content-in-chrome Page URL

Page Statistics

17
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

1
IPs

1
Countries

137 kB
Transfer

160 kB
Size

2
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://example.com/
Title: example.com

Search URL Search Domain Scan URL

URL: https://httpbin.org/
Title: httpbin.org

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by/4.0/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/spaze
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/spazef0rze
Title: @spazef0rze

Search URL Search Domain Scan URL

URL: https://infosec.exchange/@spazef0rze
Title: Mastodon

Search URL Search Domain Scan URL

URL: https://www.facebook.com/spaze
Title: Facebook

Search URL Search Domain Scan URL

URL: https://github.com/spaze
Title: GitHub

Search URL Search Domain Scan URL

URL: https://www.michalspacek.cz/prepisovani-obsahu-http-odpovedi-v-chrome
Title: Česky

Search URL Search Domain Scan URL

URL: https://upcwifikeys.com/
Title: UPC Wi-Fi keys

Search URL Search Domain Scan URL

URL: https://pulse.michalspacek.cz/passwords/storages
Title: Password storages

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://michalspacek.com/overriding-http-response-content-in-chrome HTTP 307
https://michalspacek.com/overriding-http-response-content-in-chrome HTTP 301
https://www.michalspacek.com/overriding-http-response-content-in-chrome Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request overriding-http-response-content-in-chrome Show response
www.michalspacek.com/
Redirect Chain

http://michalspacek.com/overriding-http-response-content-in-chrome
https://michalspacek.com/overriding-http-response-content-in-chrome
https://www.michalspacek.com/overriding-http-response-content-in-chrome

16 KB
6 KB

68ms
67ms

Document
text/html

2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

363aea15675a67c908eb28911b6bed2e2654184f13ba0fa011579f26bc06b777

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src https://www.michalspacek.cz; script-src 'strict-dynamic' 'nonce-/AQFDSY+/e+aZQxHWz8Zopvj' https://www.michalspacek.cz 'report-sample'; style-src 'nonce-/AQFDSY+/e+aZQxHWz8Zopvj' https://www.michalspacek.cz 'report-sample'; frame-ancestors 'none'; form-action 'self'; base-uri 'none'; upgrade-insecure-requests; require-trusted-types-for 'script'; trusted-types; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'none'; img-src https://www.michalspacek.cz; script-src 'strict-dynamic' 'nonce-/AQFDSY+/e+aZQxHWz8Zopvj' https://www.michalspacek.cz 'report-sample'; style-src 'nonce-/AQFDSY+/e+aZQxHWz8Zopvj' https://www.michalspacek.cz 'report-sample'; frame-ancestors 'none'; form-action 'self'; base-uri 'none'; upgrade-insecure-requests; require-trusted-types-for 'script'; trusted-types; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 02:48:40 GMT
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=(), interest-cohort=()
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
server: <script/src=//xss.sk></script>
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-Requested-With Cookie Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Redirect headers

content-encoding: gzip
content-security-policy: default-src 'none'; form-action 'none'; require-trusted-types-for 'script'; trusted-types; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 02:48:40 GMT
location: https://www.michalspacek.com/overriding-http-response-content-in-chrome
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=(), interest-cohort=()
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
server: <script/src=//xss.sk></script>
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

GET
H2 200 CkXCRS0j5L45MAzJS4ZcygqziIrEhniUgQywst7Af_I.css
www.michalspacek.cz/i/build/ 15 KB
5 KB 94ms
31ms Stylesheet
text/css 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.michalspacek.cz/i/build/CkXCRS0j5L45MAzJS4ZcygqziIrEhniUgQywst7Af_I.css

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

0a45c2452d23e4be39300cc94b865cca0ab3888ac4867894810cb0b2dec07ff2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.michalspacek.com/
Origin: https://www.michalspacek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
content-encoding: gzip
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
last-modified: Tue, 23 Jan 2024 02:00:59 GMT
server: nginx, <script/src=//xss.sk></script>
etag: W/"65af1ddb-3d52"
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: https://www.michalspacek.com
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
cache-control: max-age=31536000, immutable
expires: Thu, 30 Jan 2025 02:48:40 GMT

GET
H2 200 wFfWZlsFEV_2rfcx7qSj_WXKHBeLsnNgNnfM3FTEiWw.js Show response
www.michalspacek.cz/i/build/ 5 KB
2 KB 123ms
60ms Script
application/javascript 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.michalspacek.cz/i/build/wFfWZlsFEV_2rfcx7qSj_WXKHBeLsnNgNnfM3FTEiWw.js

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

c057d6665b05115ff6adf731eea4a3fd65ca1c178bb273603677ccdc54c4896c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.michalspacek.com/
Origin: https://www.michalspacek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
content-encoding: gzip
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
last-modified: Tue, 23 Jan 2024 02:00:59 GMT
server: nginx, <script/src=//xss.sk></script>
etag: W/"65af1ddb-15ee"
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.michalspacek.com
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
cache-control: max-age=31536000, immutable
expires: Thu, 30 Jan 2025 02:48:40 GMT

GET
H2 200 nnaYb0vpN6FPLlDiZrwd3E3tGv_FGCGeKIIP_e6v7cE.js Show response
www.michalspacek.cz/i/build/ 11 KB
5 KB 60ms
56ms Script
application/javascript 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.michalspacek.cz/i/build/nnaYb0vpN6FPLlDiZrwd3E3tGv_FGCGeKIIP_e6v7cE.js

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

9e76986f4be937a14f2e50e266bc1ddc4ded1affc518219e28820ffdeeafedc1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.michalspacek.com/
Origin: https://www.michalspacek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
content-encoding: gzip
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
last-modified: Tue, 23 Jan 2024 15:31:06 GMT
server: nginx, <script/src=//xss.sk></script>
etag: W/"65afdbba-2bc9"
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.michalspacek.com
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
cache-control: max-age=31536000, immutable
expires: Thu, 30 Jan 2025 02:48:40 GMT

GET
H2 200 Sropkdmjtb40XaXMEWGCAMyQIEiOR6hLU4sxct89fPk.js Show response
www.michalspacek.cz/i/build/ 443 B
967 B 61ms
57ms Script
application/javascript 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.michalspacek.cz/i/build/Sropkdmjtb40XaXMEWGCAMyQIEiOR6hLU4sxct89fPk.js

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

4aba2991d9a3b5be345da5cc11618200cc9020488e47a84b538b3172df3d7cf9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.michalspacek.com/
Origin: https://www.michalspacek.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
content-encoding: gzip
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
last-modified: Tue, 23 Jan 2024 02:13:07 GMT
server: nginx, <script/src=//xss.sk></script>
etag: W/"65af20b3-1bb"
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.michalspacek.com
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
cache-control: max-age=31536000, immutable
expires: Thu, 30 Jan 2025 02:48:40 GMT

GET
H2 200 override-content.png
www.michalspacek.cz/i/images/blog/chrome-content-overrides/ 17 KB
17 KB 63ms
63ms Image
image/png 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.michalspacek.cz/i/images/blog/chrome-content-overrides/override-content.png

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

cc36a0fdf71d75fdb45ef4d61207a8abd70e601a6f643c544d7d01f5f804cfe4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.michalspacek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
content-length: 17090
last-modified: Tue, 03 Oct 2023 22:59:42 GMT
server: nginx, <script/src=//xss.sk></script>
etag: "651c9cde-42c2"
x-frame-options: DENY
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: image/png
vary: Origin
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 07 Feb 2024 02:48:40 GMT

GET
H2 200 override-content-response.png
www.michalspacek.cz/i/images/blog/chrome-content-overrides/ 16 KB
17 KB 32ms
32ms Image
image/png 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.michalspacek.cz/i/images/blog/chrome-content-overrides/override-content-response.png

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

5b786a530c5b3b9725a8226fe295fbdbda97c5b0ab0f13c8bd680c5749a3fc00

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.michalspacek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
content-length: 16363
last-modified: Tue, 03 Oct 2023 22:59:42 GMT
server: nginx, <script/src=//xss.sk></script>
etag: "651c9cde-3feb"
x-frame-options: DENY
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: image/png
vary: Origin
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 07 Feb 2024 02:48:40 GMT

GET
H2 200 select-override-folder.png
www.michalspacek.cz/i/images/blog/chrome-content-overrides/ 6 KB
6 KB 60ms
59ms Image
image/png 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.michalspacek.cz/i/images/blog/chrome-content-overrides/select-override-folder.png

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

af695d04ab77e9792834991c6a782acf8013edc2e3a4d122a2ecca03e8d86db3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.michalspacek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
content-length: 5828
last-modified: Tue, 03 Oct 2023 22:59:42 GMT
server: nginx, <script/src=//xss.sk></script>
etag: "651c9cde-16c4"
x-frame-options: DENY
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: image/png
vary: Origin
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 07 Feb 2024 02:48:40 GMT

GET
H2 200 devtools-requests-full-access.png
www.michalspacek.cz/i/images/blog/chrome-content-overrides/ 6 KB
7 KB 61ms
60ms Image
image/png 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.michalspacek.cz/i/images/blog/chrome-content-overrides/devtools-requests-full-access.png

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

f7e8403ceb36ba14e99ee618522046f1ab00b56baecc76780c5b7707980963a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.michalspacek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
content-length: 6189
last-modified: Tue, 03 Oct 2023 22:59:42 GMT
server: nginx, <script/src=//xss.sk></script>
etag: "651c9cde-182d"
x-frame-options: DENY
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: image/png
vary: Origin
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 07 Feb 2024 02:48:40 GMT

GET
H2 200 overriden-content-in-sources.png
www.michalspacek.cz/i/images/blog/chrome-content-overrides/ 10 KB
11 KB 36ms
32ms Image
image/png 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.michalspacek.cz/i/images/blog/chrome-content-overrides/overriden-content-in-sources.png

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

b8e8b28b48e8f7ed79684db8932978d93f69f7de36f248e80fd689a03b0e85cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.michalspacek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
content-length: 10336
last-modified: Tue, 03 Oct 2023 22:59:42 GMT
server: nginx, <script/src=//xss.sk></script>
etag: "651c9cde-2860"
x-frame-options: DENY
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: image/png
vary: Origin
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 07 Feb 2024 02:48:40 GMT

GET
H2 200 override-content-network.png
www.michalspacek.cz/i/images/blog/chrome-content-overrides/ 4 KB
5 KB 33ms
33ms Image
image/png 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.michalspacek.cz/i/images/blog/chrome-content-overrides/override-content-network.png

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

0857d31851494279f2fe1d626e5d814d86701cd95b248d7060e336e54db7f972

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.michalspacek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
content-length: 4413
last-modified: Tue, 03 Oct 2023 22:59:42 GMT
server: nginx, <script/src=//xss.sk></script>
etag: "651c9cde-113d"
x-frame-options: DENY
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: image/png
vary: Origin
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 07 Feb 2024 02:48:40 GMT

GET
H2 200 has-overrides.png
www.michalspacek.cz/i/images/blog/chrome-content-overrides/ 14 KB
15 KB 34ms
34ms Image
image/png 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.michalspacek.cz/i/images/blog/chrome-content-overrides/has-overrides.png

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

0b623ad2f1cd786c34cf9b72c25b95f19b5fde0c01daf2f94039bf2e1a9d34cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.michalspacek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
content-length: 14773
last-modified: Fri, 13 Oct 2023 01:03:34 GMT
server: nginx, <script/src=//xss.sk></script>
etag: "65289766-39b5"
x-frame-options: DENY
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: image/png
vary: Origin
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 07 Feb 2024 02:48:40 GMT

GET
H2 200 override-content-example.png
www.michalspacek.cz/i/images/blog/chrome-content-overrides/ 8 KB
9 KB 35ms
35ms Image
image/png 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.michalspacek.cz/i/images/blog/chrome-content-overrides/override-content-example.png

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

a23fdbe66eab834ffa534e99544f05886143a03bcc8f6611670a77a53cd4753e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.michalspacek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
content-length: 8283
last-modified: Tue, 03 Oct 2023 22:59:42 GMT
server: nginx, <script/src=//xss.sk></script>
etag: "651c9cde-205b"
x-frame-options: DENY
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: image/png
vary: Origin
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 07 Feb 2024 02:48:40 GMT

GET
H2 200 override-content-json.png
www.michalspacek.cz/i/images/blog/chrome-content-overrides/ 10 KB
11 KB 36ms
36ms Image
image/png 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.michalspacek.cz/i/images/blog/chrome-content-overrides/override-content-json.png

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

8bf4861eef817ef617f3eb1a07a4d18cba6dba29c28841fc6deb2d2f28afaa2a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.michalspacek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
content-length: 10473
last-modified: Tue, 03 Oct 2023 22:59:42 GMT
server: nginx, <script/src=//xss.sk></script>
etag: "651c9cde-28e9"
x-frame-options: DENY
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: image/png
vary: Origin
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 07 Feb 2024 02:48:40 GMT

GET
H2 200 overriden-content-json.png
www.michalspacek.cz/i/images/blog/chrome-content-overrides/ 10 KB
10 KB 38ms
37ms Image
image/png 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.michalspacek.cz/i/images/blog/chrome-content-overrides/overriden-content-json.png

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

340758517c79f059f9b896b4d3a7721e5d1f0b7cdcc2c65d69230b33d8046fea

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.michalspacek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
content-length: 10039
last-modified: Tue, 03 Oct 2023 22:59:42 GMT
server: nginx, <script/src=//xss.sk></script>
etag: "651c9cde-2737"
x-frame-options: DENY
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: image/png
vary: Origin
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 07 Feb 2024 02:48:40 GMT

GET
H2 200 delete-override-content.png
www.michalspacek.cz/i/images/blog/chrome-content-overrides/ 9 KB
9 KB 63ms
62ms Image
image/png 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.michalspacek.cz/i/images/blog/chrome-content-overrides/delete-override-content.png

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

3bc8594853f7ba123ff8ca7810bcebb1d9584948baa3fa16d5a5de6f2954e82b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.michalspacek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
content-length: 9072
last-modified: Tue, 03 Oct 2023 22:59:42 GMT
server: nginx, <script/src=//xss.sk></script>
etag: "651c9cde-2370"
x-frame-options: DENY
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: image/png
vary: Origin
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 07 Feb 2024 02:48:40 GMT

GET
H2 200 michal-spacek.jpg
www.michalspacek.cz/i/images/ 779 B
1 KB 64ms
63ms Image
image/jpeg 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.michalspacek.cz/i/images/michal-spacek.jpg

Requested by

Host: www.michalspacek.com
URL: https://www.michalspacek.com/overriding-http-response-content-in-chrome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx, <script/src=//xss.sk></script> / <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>

Resource Hash

d0907aaaa028886d37138ea0c00e2803c86d4eb5409a048d93dd728ed4e3571b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.michalspacek.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 02:48:40 GMT
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src=//xss.sk title=inline_js_is_bad_mkay.gif>');</script>
content-length: 779
last-modified: Sun, 16 Jun 2019 02:47:51 GMT
server: nginx, <script/src=//xss.sk></script>
etag: "5d05add7-30b"
x-frame-options: DENY
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: image/jpeg
vary: Origin
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 07 Feb 2024 02:48:40 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Nette

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			michalspacek.com/	1969-12-31 23:59:59	Name: _nss Value: 1
			www.michalspacek.com/	1969-12-31 23:59:59	Name: _nss Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; img-src https://www.michalspacek.cz; script-src 'strict-dynamic' 'nonce-/AQFDSY+/e+aZQxHWz8Zopvj' https://www.michalspacek.cz 'report-sample'; style-src 'nonce-/AQFDSY+/e+aZQxHWz8Zopvj' https://www.michalspacek.cz 'report-sample'; frame-ancestors 'none'; form-action 'self'; base-uri 'none'; upgrade-insecure-requests; require-trusted-types-for 'script'; trusted-types; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

michalspacek.com
www.michalspacek.com
www.michalspacek.cz
2a05:d018:252:8f00:fe52:a8fb:27cb:748a
0857d31851494279f2fe1d626e5d814d86701cd95b248d7060e336e54db7f972
0a45c2452d23e4be39300cc94b865cca0ab3888ac4867894810cb0b2dec07ff2
0b623ad2f1cd786c34cf9b72c25b95f19b5fde0c01daf2f94039bf2e1a9d34cd
340758517c79f059f9b896b4d3a7721e5d1f0b7cdcc2c65d69230b33d8046fea
363aea15675a67c908eb28911b6bed2e2654184f13ba0fa011579f26bc06b777
3bc8594853f7ba123ff8ca7810bcebb1d9584948baa3fa16d5a5de6f2954e82b
4aba2991d9a3b5be345da5cc11618200cc9020488e47a84b538b3172df3d7cf9
5b786a530c5b3b9725a8226fe295fbdbda97c5b0ab0f13c8bd680c5749a3fc00
8bf4861eef817ef617f3eb1a07a4d18cba6dba29c28841fc6deb2d2f28afaa2a
9e76986f4be937a14f2e50e266bc1ddc4ded1affc518219e28820ffdeeafedc1
a23fdbe66eab834ffa534e99544f05886143a03bcc8f6611670a77a53cd4753e
af695d04ab77e9792834991c6a782acf8013edc2e3a4d122a2ecca03e8d86db3
b8e8b28b48e8f7ed79684db8932978d93f69f7de36f248e80fd689a03b0e85cf
c057d6665b05115ff6adf731eea4a3fd65ca1c178bb273603677ccdc54c4896c
cc36a0fdf71d75fdb45ef4d61207a8abd70e601a6f643c544d7d01f5f804cfe4
d0907aaaa028886d37138ea0c00e2803c86d4eb5409a048d93dd728ed4e3571b
f7e8403ceb36ba14e99ee618522046f1ab00b56baecc76780c5b7707980963a5

www.michalspacek.com Open in urlscan Pro 2a05:d018:252:8f00:fe52:a8fb:27cb:748a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

100 %HTTPS

100 %IPv6

2 Domains

3 Subdomains

1 IPs

1 Countries

137 kBTransfer

160 kBSize

2 Cookies

11 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

Indicators

www.michalspacek.com Open in urlscan Pro
2a05:d018:252:8f00:fe52:a8fb:27cb:748a Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

1
IPs

1
Countries

137 kB
Transfer

160 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions