urlscan.io logo urlscan.io
SecurityTrails logo

csobpomaharegionum.csob.cz Open in urlscan Pro
2a02:4a8:ac24:111::110:173  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://csobpomaharegionum.csob.cz/
Effective URL: https://csobpomaharegionum.csob.cz/
Submission: On April 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 43 HTTP transactions. The main IP is 2a02:4a8:ac24:111::110:173, located in Czech Republic and belongs to ACTIVE24-AS www.active24.cz, CZ. The main domain is csobpomaharegionum.csob.cz.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 22nd 2023. Valid for: a year.
This is the only time csobpomaharegionum.csob.cz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 2a02:4a8:ac24... 25234 (ACTIVE24-...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.185.130 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
43 7
22    2a02:4a8:ac24:111::110:173 (Czech Republic)

ASN25234 (ACTIVE24-AS www.active24.cz, CZ)
csobpomaharegionum.csob.cz
4    2a02:26f0:3500:16::215:149a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
3    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
11    2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
22 csob.cz
csobpomaharegionum.csob.cz
435 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 306
166 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 463
p.typekit.net — Cisco Umbrella Rank: 574
90 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
271 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2404
261 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
64 B
43 6
Domain Requested by
22 csobpomaharegionum.csob.cz csobpomaharegionum.csob.cz
11 cdn.cookielaw.org csobpomaharegionum.csob.cz
cdn.cookielaw.org
4 use.typekit.net csobpomaharegionum.csob.cz
use.typekit.net
3 www.googletagmanager.com csobpomaharegionum.csob.cz
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 p.typekit.net use.typekit.net
43 7
Subject Issuer Validity Valid
csobpomaharegionum.csob.cz
DigiCert SHA2 Extended Validation Server CA		 2023-06-22 -
2024-06-21		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://csobpomaharegionum.csob.cz/
Frame ID: A61442C3343FAD2A850D7D52EC5B58AF
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Úvod - ČSOB pomáhá regionům

Page URL History Show full URLs

  1. http://csobpomaharegionum.csob.cz/ HTTP 307
    https://csobpomaharegionum.csob.cz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

964 kB
Transfer

2281 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://csobpomaharegionum.csob.cz/ HTTP 307
    https://csobpomaharegionum.csob.cz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
csobpomaharegionum.csob.cz/
Redirect Chain
  • http://csobpomaharegionum.csob.cz/
  • https://csobpomaharegionum.csob.cz/
45 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
e259c010725c3adc6987b997f7d280701cb4ca6bbecc171d2bbc988366bb1a65
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 25 Apr 2024 19:39:09 GMT
expires
-1
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block; report=/report

Redirect headers

Location
https://csobpomaharegionum.csob.cz/
Non-Authoritative-Reason
HttpsUpgrades
common.css
csobpomaharegionum.csob.cz/assets/dist/front/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/css/common.css?1709823339
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
bd5a4023c002aad620ff4d4f1a418c83f5340bc43f76f2ec61238554d7498a9d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
3548
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Mar 2024 14:55:39 GMT
server
nginx
etag
"4844-6131344bff0c0-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
parts.css
csobpomaharegionum.csob.cz/assets/dist/front/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/css/parts.css?1709823346
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
5a843121dc20081fe190a2f8d5134756895138265f49ca59cedf39ae94743715
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
5340
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Mar 2024 14:55:46 GMT
server
nginx
etag
"6e40-61313452ac080-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
wsg5qdm.css
use.typekit.net/ 		3 KB
905 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wsg5qdm.css
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e196c8088deae8ca1e8da638eeb3ad62aa9ec273565308986ec47854f802fec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 25 Apr 2024 19:39:10 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
682
intro.css
csobpomaharegionum.csob.cz/assets/dist/front/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/css/intro.css?1709823396
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
2e9db88b5a1ee4b73c36da3a353ab1721a5696964a4ed3f25015db1f36a1538c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
1958
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Mar 2024 14:56:36 GMT
server
nginx
etag
"2d2f-613134825b100-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
countdown.css
csobpomaharegionum.csob.cz/assets/dist/front/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/css/countdown.css?1709823382
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
624544d6df2727e055505f48fba232a629fe38ec29c70ce073a54e02054d15cb
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
592
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Mar 2024 14:56:22 GMT
server
nginx
etag
"702-6131347501180-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
block.css
csobpomaharegionum.csob.cz/assets/dist/front/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/css/block.css?1709823369
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
7bbe8af169e490a43df2c055c12024a717a97708503ec3cb1ec4d67007ba712b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
1944
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Mar 2024 14:56:09 GMT
server
nginx
etag
"23f3-613134689b440-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
carousel.css
csobpomaharegionum.csob.cz/assets/dist/front/css/ 		319 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/css/carousel.css?1709823350
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
c73f8200428afe5f14b2dad7ac1f13340487296357ed137dd95cae29a8b9f12a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
180
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Mar 2024 14:55:50 GMT
server
nginx
etag
"13f-613134567c980-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
picked.css
csobpomaharegionum.csob.cz/assets/dist/front/css/ 		4 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/css/picked.css?1709823400
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
163f46e2ecc454abe015caa88ff59bb787c6580712db25091f672a00acb5fecc
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
1072
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Mar 2024 14:56:40 GMT
server
nginx
etag
"f80-613134862ba00-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
oceneni-odpovednost@2.png
csobpomaharegionum.csob.cz/assets/img/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csobpomaharegionum.csob.cz/assets/img/oceneni-odpovednost@2.png?1709823466
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
5c31435893c094811b757c31e611f4c0d1ba73e8157a4e794e55c10655431997
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-length
21222
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Mar 2024 14:57:46 GMT
server
nginx
etag
"52e6-613134c5af95b"
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Sat, 25 May 2024 19:39:10 GMT
libs.js
csobpomaharegionum.csob.cz/assets/dist/front/js/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/js/libs.js?1707306990
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
1c4e824375f60305a48287bca00d40cefd551cd056feb6ef9bcbab4f814da9fb
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
30577
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 07 Feb 2024 11:56:30 GMT
server
nginx
etag
"17b1a-610c962a95780-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
libs-gsap.js
csobpomaharegionum.csob.cz/assets/dist/front/js/ 		151 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/js/libs-gsap.js?1708943608
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
b35e82db01f6b236763b3238c94e174e8d31ea55ccb23c15634c086fcca7b8d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
50400
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 26 Feb 2024 10:33:28 GMT
server
nginx
etag
"25d6c-6124670b22e00-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
libs-jquery.js
csobpomaharegionum.csob.cz/assets/dist/front/js/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/js/libs-jquery.js?1707306997
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
1f114c4ad960771f34cca339b1e1ebc8e7ca2f97f8fdff5bf22e9887d7f4e46b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
29794
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 07 Feb 2024 11:56:37 GMT
server
nginx
etag
"14e04-610c963142740-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
helpers.js
csobpomaharegionum.csob.cz/assets/dist/front/js/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/js/helpers.js?1708943608
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
ae108ce54afa807c1672d7b4a136a59c7eed254c5fb53b3e344ace91b371c105
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
7670
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 26 Feb 2024 10:33:28 GMT
server
nginx
etag
"6b7f-6124670b22e00-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
homepage.js
csobpomaharegionum.csob.cz/assets/dist/front/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/js/homepage.js?1708943608
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
9daf5c0167af311b1f01cd40dbea7abd7bc097c95aeaf382f9db626f68a56665
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
1716
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 26 Feb 2024 10:33:28 GMT
server
nginx
etag
"122c-6124670b22e00-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
common.js
csobpomaharegionum.csob.cz/assets/dist/front/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/js/common.js?1708943608
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
2528435eb7bd2aff15dbc5f5a1df8df9760d3c4c5f2464ba3220fafd17d87474
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
3823
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 26 Feb 2024 10:33:28 GMT
server
nginx
etag
"2a49-6124670b22e00-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
libs-raven.js
csobpomaharegionum.csob.cz/assets/dist/front/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/dist/front/js/libs-raven.js?1707306998
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
18d8010b628f93fa2e02395b20fce91f6d98986a078548d12bc82ec47258475d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
14008
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 07 Feb 2024 11:56:38 GMT
server
nginx
etag
"972f-610c963236980-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=31536000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Fri, 25 Apr 2025 19:39:10 GMT
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wsg5qdm&ht=tk&f=139.173.175&a=139949233&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsg5qdm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gtm.js
www.googletagmanager.com/ 		274 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQVTK43
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44a03bad37bf18ee086f964f9e0a942138a4b8dc09a16452f318b9719a651867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96196
x-xss-protection
0
last-modified
Thu, 25 Apr 2024 18:56:21 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Apr 2024 19:39:10 GMT
csob-logo.svg
csobpomaharegionum.csob.cz/assets/img/ 		19 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csobpomaharegionum.csob.cz/assets/img/csob-logo.svg
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/assets/dist/front/css/parts.css?1709823346
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
fff122b2a1537f0a7cf2058e30c6f6f9e0d67f6091c56292775800bbefc4e50e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/assets/dist/front/css/parts.css?1709823346
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-encoding
gzip
content-length
7991
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 19 Apr 2024 13:04:30 GMT
server
nginx
etag
"4b6c-61672ba71f2f4-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
max-age=2592000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Sat, 25 May 2024 19:39:10 GMT
heart.png
csobpomaharegionum.csob.cz/assets/img/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csobpomaharegionum.csob.cz/assets/img/heart.png
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/assets/dist/front/css/intro.css?1709823396
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
d19df6bda6ed561da13884f7dc98b19ab8a24e7a3e98eec0ffa0dee0bb8df12b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/assets/dist/front/css/intro.css?1709823396
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-length
117390
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Mar 2024 14:57:45 GMT
server
nginx
etag
"1ca8e-613134c4adc8a"
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Sat, 25 May 2024 19:39:10 GMT
chameleon.png
csobpomaharegionum.csob.cz/assets/img/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csobpomaharegionum.csob.cz/assets/img/chameleon.png
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/assets/dist/front/css/intro.css?1709823396
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
5f6a7ccee6b32b4c6d8c0972d85986687954a746a3b3cd73fb9996b784bea969
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/assets/dist/front/css/intro.css?1709823396
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-length
29500
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Mar 2024 14:57:43 GMT
server
nginx
etag
"733c-613134c2e0ddd"
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Sat, 25 May 2024 19:39:10 GMT
l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=9534f20d24153432f138f14be19fe00ed05018076afc824dd1a6f6ca76bae7c7&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsg5qdm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cb4e2b87f9f0ec99be837f2ba23ce88f3f25b072e9d169fd2ea0877e7237afd9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/wsg5qdm.css
Origin
https://csobpomaharegionum.csob.cz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
server
nginx
etag
"51bda78aad9c5423acc95776d7423bb399a47d50"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30300
l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=9534f20d24153432f138f14be19fe00ed05018076afc824dd1a6f6ca76bae7c7&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsg5qdm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
51f45bd359b9a231bd8966b893013c57843799880c0975861fb28910e2f93d0c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/wsg5qdm.css
Origin
https://csobpomaharegionum.csob.cz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
server
nginx
etag
"66e998684f990846878a3d7c04286c6100056385"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30588
l
use.typekit.net/af/576d53/00000000000000003b9b3066/27/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/576d53/00000000000000003b9b3066/27/l?primer=9534f20d24153432f138f14be19fe00ed05018076afc824dd1a6f6ca76bae7c7&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wsg5qdm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3d3c4c09770465f72c7f2652e852c77b026f506f55e5ebfa67fd35a6344149f2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/wsg5qdm.css
Origin
https://csobpomaharegionum.csob.cz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
server
nginx
etag
"4ed033544104d5f44aa984af97216f6a6352204a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29940
promo-project.jpg
csobpomaharegionum.csob.cz/assets/img/home/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csobpomaharegionum.csob.cz/assets/img/home/promo-project.jpg?1709823466
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
a0da90523927f24f6b24f5283f6c24ee1de5165708bee7d938128639d67f96e1
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-length
36366
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Mar 2024 14:57:46 GMT
server
nginx
etag
"8e0e-613134c53a670"
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Sat, 25 May 2024 19:39:10 GMT
how.jpg
csobpomaharegionum.csob.cz/assets/img/home/ 		34 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csobpomaharegionum.csob.cz/assets/img/home/how.jpg?1709823466
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
57593bb6cec11bfc0be2efa3557b9ed8838fa01b42a2cff6bab5414561532e4d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-length
34964
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Mar 2024 14:57:46 GMT
server
nginx
etag
"8894-613134c51e155"
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Sat, 25 May 2024 19:39:10 GMT
js
www.googletagmanager.com/gtag/ 		287 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RNNKSPHYCT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQVTK43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bba2a696dc16ca5f26c87aa2c2811b819f6cfce0eaf28cc57c6be1ccb38b8e67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98709
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Apr 2024 19:39:10 GMT
destination
www.googletagmanager.com/gtag/ 		225 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-1035845248&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQVTK43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8b8310023b9e0de423b111dbf63a7f0abb6cde2d19e4bfb8ae5acf41697436e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82086
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 25 Apr 2024 19:39:10 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 25 Apr 2024 19:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zgTRIDojRJmnmBTwUyI2Vw==
age
82794
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Wed, 24 Apr 2024 02:34:14 GMT
server
cloudflare
etag
0x8DC64070814D9A8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
91415424-301e-0069-1b61-9600cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87a0cc2f6b1b085d-FRA
601d51af-6197-4fef-8c9d-161452538d80.json
cdn.cookielaw.org/consent/601d51af-6197-4fef-8c9d-161452538d80/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/601d51af-6197-4fef-8c9d-161452538d80/601d51af-6197-4fef-8c9d-161452538d80.json
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/assets/dist/front/js/libs-raven.js?1707306998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a978420a074cab54683ffaa234300996d5798d8178c267587d83f212311eed78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 25 Apr 2024 19:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
15541
content-md5
KxNYnbgBIia99UV9OQhp4Q==
content-length
1512
x-ms-lease-status
unlocked
last-modified
Wed, 17 Apr 2024 13:32:49 GMT
server
cloudflare
etag
0x8DC5EE2E01E831B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0f6b31ea-a01e-008f-5acd-90b0e9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87a0cc2febfc6927-FRA
expires
Fri, 26 Apr 2024 19:39:10 GMT
favicon-32x32.png
csobpomaharegionum.csob.cz/assets/img/favicons/ 		516 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://csobpomaharegionum.csob.cz/assets/img/favicons/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4a8:ac24:111::110:173 , Czech Republic, ASN25234 (ACTIVE24-AS www.active24.cz, CZ),
Reverse DNS
Software
nginx /
Resource Hash
3f97e1e4570c6f340d856670f6c7771bfb780c9ce1edcd309f93443203339e6b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms, upgrade-insecure-requests
content-length
516
x-xss-protection
1; mode=block; report=/report
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 07 Mar 2024 14:57:44 GMT
server
nginx
etag
"204-613134c40e9c6"
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
image/png
cache-control
max-age=2592000
feature-policy
fullscreen 'self' https://www.youtube.com https://www.vimeo.com; gyroscope 'self'; geolocation 'self'
accept-ranges
bytes
expires
Sat, 25 May 2024 19:39:10 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202303.2.0/ 		400 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 25 Apr 2024 19:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Sw59qQKTUz8IJh2hCY03KQ==
age
14729
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
98810
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 03:39:51 GMT
server
cloudflare
etag
0x8DB55BF34FA32B5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
36866bdb-a01e-007b-2b02-247b1f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87a0cc303c11085d-FRA
cs.json
cdn.cookielaw.org/consent/601d51af-6197-4fef-8c9d-161452538d80/d7649412-7c59-45f6-b9da-7290245899b2/ 		86 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/601d51af-6197-4fef-8c9d-161452538d80/d7649412-7c59-45f6-b9da-7290245899b2/cs.json
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/assets/dist/front/js/libs-raven.js?1707306998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23178e036e1cb251d9f905f7fa8357a36171dbe3997186cc4341cd6648334f36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 25 Apr 2024 19:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
15540
content-md5
86fElBNZjKU5JH/+URqb/w==
content-length
22662
x-ms-lease-status
unlocked
last-modified
Wed, 17 Apr 2024 13:32:57 GMT
server
cloudflare
etag
0x8DC5EE2E523239B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ec0efe16-901e-003d-64cd-904f98000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87a0cc309cb06927-FRA
expires
Fri, 26 Apr 2024 19:39:10 GMT
landing
pagead2.googlesyndication.com/pagead/ 		42 B
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13q3q3l2l5&rnd=410217372.1714073951&url=https%3A%2F%2Fcsobpomaharegionum.csob.cz%2F&dma_cps=sypham&dma=1&npa=1&gtm=45He44o0n81NQVTK43v811186274za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQVTK43
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 25 Apr 2024 19:39:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RNNKSPHYCT&gtm=45je44o0v892098353z8811186274za200&_p=1714073950390&gcs=G100&gcd=13q3qPl2l5&npa=1&dma_cps=-&dma=1&cid=1286861276.1714073951&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_s=1&dl=https%3A%2F%2Fcsobpomaharegionum.csob.cz%2F&sid=1714073950&sct=1&seg=0&dt=%C3%9Avod%20-%20%C4%8CSOB%20pom%C3%A1h%C3%A1%20region%C5%AFm&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1510
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RNNKSPHYCT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 25 Apr 2024 19:39:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://csobpomaharegionum.csob.cz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otCenterRounded.json
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/assets/dist/front/js/libs-raven.js?1707306998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4e0b51db940e096731fbe30fb3b9367be7f56e67005d654ad088512e1811ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 25 Apr 2024 19:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
C7yn6FBms+PtRGwjvvXVDw==
age
38941
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2640
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 03:39:46 GMT
server
cloudflare
etag
0x8DB55BF31D40BC1
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b75f3ca6-601e-0039-423b-61c29f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87a0cc311d2c6927-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/ 		61 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/v2/otPcCenter.json
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/assets/dist/front/js/libs-raven.js?1707306998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 25 Apr 2024 19:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
obw5M94dAr0Gi2p2lbQQ/g==
age
38941
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12544
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 03:39:48 GMT
server
cloudflare
etag
0x8DB55BF32AEE4B7
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1a3c56a3-a01e-0009-082a-617c50000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87a0cc311d2d6927-FRA
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otCookieSettingsButton.json
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/assets/dist/front/js/libs-raven.js?1707306998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fec5c08703b96cc02619b88d090f9835b8b51e6d4ca2c74658d2443e739937b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 25 Apr 2024 19:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
0ySJ2Gl99G9EG3k4JNGyIA==
age
49739
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1762
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 03:39:47 GMT
server
cloudflare
etag
0x8DB55BF3269A7C0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
121f07ed-001e-004d-5069-61f66f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87a0cc311d2f6927-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202303.2.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.2.0/assets/otCommonStyles.css
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/assets/dist/front/js/libs-raven.js?1707306998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
oWkBTLgDDXvrUsd93y/Zxg==
age
27458
x-ms-lease-status
unlocked
last-modified
Tue, 16 May 2023 03:39:56 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
49731d17-401e-005c-6f3b-616cdb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
87a0cc311d316927-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: csobpomaharegionum.csob.cz
URL: https://csobpomaharegionum.csob.cz/assets/dist/front/js/libs-raven.js?1707306998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
28731
x-ms-lease-status
unlocked
last-modified
Thu, 25 Apr 2024 02:29:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c0e4546b-c01e-000f-7603-974fef000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
87a0cc316d866927-FRA
CSOB_logo.jpg
cdn.cookielaw.org/logos/ee3c1583-b8c0-4a7f-8e3c-edbd19faa226/7814305c-1ed8-4561-b21d-1a1b434c441d/2565afd9-7a4e-40f5-9895-985a58193a4d/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/ee3c1583-b8c0-4a7f-8e3c-edbd19faa226/7814305c-1ed8-4561-b21d-1a1b434c441d/2565afd9-7a4e-40f5-9895-985a58193a4d/CSOB_logo.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6380c4a79672b79f7209ad6db386656ed3f5844319b0d5961dfdf099a8d7e23f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
hx/IFzctRqXRXhXnySYoQw==
age
49310
content-length
14226
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Fri, 03 Dec 2021 14:25:54 GMT
server
cloudflare
etag
0x8D9B668D0BBF2D4
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
f3d40575-f01e-0066-0be9-5d76a3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
87a0cc317d5d085d-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://csobpomaharegionum.csob.cz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 25 Apr 2024 19:39:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
69695
x-ms-lease-status
unlocked
last-modified
Wed, 24 Apr 2024 02:34:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
afd3a406-801e-006c-557a-96d214000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
87a0cc317d5f085d-FRA

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ENV object| dataLayer function| bowser function| _ object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| ExpoScaleEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| ScrollToPlugin function| ScrollMagic function| $ function| jQuery object| w object| Carousel function| initPage object| Raven object| google_tag_manager object| google_tag_data function| OptanonWrapper object| OneTrustStub function| onYouTubeIframeAPIReady string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust object| gaGlobal

3 Cookies

Domain/Path Name / Value
csobpomaharegionum.csob.cz/ Name: XSRF-TOKEN
Value: eyJpdiI6IlMrUWVvMXlIWUFJUkFTQmhRWnBaaGc9PSIsInZhbHVlIjoiNFpjdWxKYVhNZ3BoWk9LSHlSNjczV1NMM0tTSWpwOTJ4MCsvM25aQU9YRUwvOWxvQ3czUlR0UUZTWHM4YW1wb0ltaHpyZXNqSkY2bUhYbDFCQ3BEaVNGMFgvTHlKMWxkYlk1U2YzZy9sVmtjUGhiMmNEVUM1dm5kWHVGWTg1MmIiLCJtYWMiOiJmMjUwOGEwMGU1MTY0YzQ5Zjc3Mzc3NmY5NmViNzM4YzNkZDIwOGUxMDkwYWE2NThmYmRiNTMyNWUzNDA5NjZkIiwidGFnIjoiIn0%3D
csobpomaharegionum.csob.cz/ Name: csob_pomaha_regionum_session
Value: eyJpdiI6ImdTSWFuVnhmU0s0NUdwS3hubGxFZHc9PSIsInZhbHVlIjoiUDR3bHBhUmRBN1FENEVYUWxLM08wNVYwS1JIcGtUbnIzL29abDRlcmR6WmpjcG9QaktLUGVITDlQZCtFb2JQWUtNakIrRlEyV0NpaVJieHRYZzZ6TGpqN0kyYjJ4a29XeWdNYWhjMVpUeGtZMlcyWWJqQzJKZnkvN2N3VDFkUXIiLCJtYWMiOiIyOTY1OTI0ZjNkYTVlMjVmOGFmNWZhYmY5ZDQ2NzdjMWM1NzNhNDcxY2Y3ZGM5ZTZiZTg3ZWUxNmRlOTYxYTc1IiwidGFnIjoiIn0%3D
.csob.cz/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Apr+25+2024+21%3A39%3A10+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202303.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=963c599b-914f-415a-9786-0c8a504571d7&interactionCount=0&landingPath=https%3A%2F%2Fcsobpomaharegionum.csob.cz%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: cdn.plyr.io; object-src 'self'; style-src 'self' 'unsafe-inline' tagmanager.google.com *.googletagmanager.com fonts.googleapis.com *.typekit.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdn.plyr.io *.hotjar.com *.youtube.com *.ytimg.com www.google-analytics.com *.googletagmanager.com tagmanager.google.com *.typekit.net *.facebook.net *.pingdom.net *.sentry.io sentry.io https://cdn.cookielaw.org https://*.clarity.ms https://googleads.g.doubleclick.net; font-src 'self' data: *.typekit.net fonts.googleapis.com fonts.gstatic.com; img-src 'self' data: storage.isobar.cz.ams3.digitaloceanspaces.com ams3.digitaloceanspaces.com *.youtube.com *.google.cz *.google.com api.paylibo.com stats.g.doubleclick.net www.google-analytics.com www.googletagmanager.com *.gstatic.com *.facebook.com https://cdn.cookielaw.org https://*.clarity.ms *.bing.com; frame-src 'self' *.youtube.com vars.hotjar.com *.facebook.com; connect-src 'self' *.google-analytics.com *.doubleclick.net *.plyr.io *.pingdom.net *.typekit.net *.sentry.io sentry.io *.apiary-mock.com *.facebook.com *.hotjar.com *.hotjar.io www.google-analytics.com stats.g.doubleclick.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://pagead2.googlesyndication.com *.google.com *.clarity.ms upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=/report

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
csobpomaharegionum.csob.cz
p.typekit.net
pagead2.googlesyndication.com
region1.google-analytics.com
use.typekit.net
www.googletagmanager.com
142.250.185.130
2001:4860:4802:34::36
2606:4700::6813:b134
2a00:1450:4001:806::2008
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149a
2a02:4a8:ac24:111::110:173
163f46e2ecc454abe015caa88ff59bb787c6580712db25091f672a00acb5fecc
18d8010b628f93fa2e02395b20fce91f6d98986a078548d12bc82ec47258475d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c4e824375f60305a48287bca00d40cefd551cd056feb6ef9bcbab4f814da9fb
1f114c4ad960771f34cca339b1e1ebc8e7ca2f97f8fdff5bf22e9887d7f4e46b
1fec5c08703b96cc02619b88d090f9835b8b51e6d4ca2c74658d2443e739937b
23178e036e1cb251d9f905f7fa8357a36171dbe3997186cc4341cd6648334f36
2528435eb7bd2aff15dbc5f5a1df8df9760d3c4c5f2464ba3220fafd17d87474
2e9db88b5a1ee4b73c36da3a353ab1721a5696964a4ed3f25015db1f36a1538c
3d3c4c09770465f72c7f2652e852c77b026f506f55e5ebfa67fd35a6344149f2
3f97e1e4570c6f340d856670f6c7771bfb780c9ce1edcd309f93443203339e6b
44a03bad37bf18ee086f964f9e0a942138a4b8dc09a16452f318b9719a651867
51f45bd359b9a231bd8966b893013c57843799880c0975861fb28910e2f93d0c
57593bb6cec11bfc0be2efa3557b9ed8838fa01b42a2cff6bab5414561532e4d
5a843121dc20081fe190a2f8d5134756895138265f49ca59cedf39ae94743715
5c31435893c094811b757c31e611f4c0d1ba73e8157a4e794e55c10655431997
5f6a7ccee6b32b4c6d8c0972d85986687954a746a3b3cd73fb9996b784bea969
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
624544d6df2727e055505f48fba232a629fe38ec29c70ce073a54e02054d15cb
6380c4a79672b79f7209ad6db386656ed3f5844319b0d5961dfdf099a8d7e23f
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
7bbe8af169e490a43df2c055c12024a717a97708503ec3cb1ec4d67007ba712b
9daf5c0167af311b1f01cd40dbea7abd7bc097c95aeaf382f9db626f68a56665
a0da90523927f24f6b24f5283f6c24ee1de5165708bee7d938128639d67f96e1
a978420a074cab54683ffaa234300996d5798d8178c267587d83f212311eed78
ae108ce54afa807c1672d7b4a136a59c7eed254c5fb53b3e344ace91b371c105
b35e82db01f6b236763b3238c94e174e8d31ea55ccb23c15634c086fcca7b8d4
bba2a696dc16ca5f26c87aa2c2811b819f6cfce0eaf28cc57c6be1ccb38b8e67
bd5a4023c002aad620ff4d4f1a418c83f5340bc43f76f2ec61238554d7498a9d
c73f8200428afe5f14b2dad7ac1f13340487296357ed137dd95cae29a8b9f12a
cb4e2b87f9f0ec99be837f2ba23ce88f3f25b072e9d169fd2ea0877e7237afd9
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d19df6bda6ed561da13884f7dc98b19ab8a24e7a3e98eec0ffa0dee0bb8df12b
d4e0b51db940e096731fbe30fb3b9367be7f56e67005d654ad088512e1811ecd
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
d8e166157d90ed13492b8627e50c606aeab874cd0a5d6ed3b7c8a7988a3d46d3
e196c8088deae8ca1e8da638eeb3ad62aa9ec273565308986ec47854f802fec6
e259c010725c3adc6987b997f7d280701cb4ca6bbecc171d2bbc988366bb1a65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8b8310023b9e0de423b111dbf63a7f0abb6cde2d19e4bfb8ae5acf41697436e
fff122b2a1537f0a7cf2058e30c6f6f9e0d67f6091c56292775800bbefc4e50e