www.michalspacek.cz Open in urlscan Pro
2a05:d018:252:8f00:fe52:a8fb:27cb:748a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://52.19.196.144/
Effective URL:
https://www.michalspacek.cz/
Submission Tags: krdtest
Submission: On September 08 via api (September 8th 2021, 2:47:26 pm UTC) from JP — Scanned from DE

Summary HTTP 8 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 2a05:d018:252:8f00:fe52:a8fb:27cb:748a, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.michalspacek.cz.
TLS certificate: Issued by R3 on August 22nd 2021. Valid for: 3 months.

This is the only time www.michalspacek.cz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.19.196.144 52.19.196.144	16509 (AMAZON-02) (AMAZON-02)
8	2a05:d018:252... 2a05:d018:252:8f00:fe52:a8fb:27cb:748a	16509 (AMAZON-02) (AMAZON-02)
8	1

1 52.19.196.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-196-144.eu-west-1.compute.amazonaws.com

52.19.196.144	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a05:d018:252:8f00:fe52:a8fb:27cb:748a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

www.michalspacek.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	michalspacek.cz www.michalspacek.cz	72 KB
8	1

	Domain	Requested by
8	www.michalspacek.cz	www.michalspacek.cz
8	1

This site contains links to these domains. Also see Links.

Domain
www.martinhujer.cz
www.vzhurudolu.cz
creativecommons.org
www.linkedin.com
twitter.com
www.facebook.com
github.com
www.michalspacek.com
upc.michalspacek.cz
pulse.michalspacek.cz

Subject Issuer	Validity	Valid
michalspacek.cz R3	`2021-08-22` - `2021-11-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.michalspacek.cz/
Frame ID: D13C8ABA434026DBAC4DC5EB283A6044
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Michal Špaček

Page URL History Show full URLs

https://52.19.196.144/ HTTP 301
https://www.michalspacek.cz/ Page URL

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

72 kB
Transfer

195 kB
Size

1
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.martinhujer.cz/skoleni/
Title: Martinovi Hujerovi

Search URL Search Domain Scan URL

URL: https://www.vzhurudolu.cz/kurzy/rychlost-nacitani
Title: Martin Michálek

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by/4.0/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/spaze
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/spazef0rze
Title: @spazef0rze

Search URL Search Domain Scan URL

URL: https://www.facebook.com/spaze
Title: Facebook

Search URL Search Domain Scan URL

URL: https://github.com/spaze
Title: GitHub

Search URL Search Domain Scan URL

URL: https://www.michalspacek.com/
Title: English

Search URL Search Domain Scan URL

URL: https://upc.michalspacek.cz/
Title: UPC Wi-Fi hesla

Search URL Search Domain Scan URL

URL: https://pulse.michalspacek.cz/passwords/storages
Title: Jak ukládají hesla

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://52.19.196.144/ HTTP 301
https://www.michalspacek.cz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.michalspacek.cz/
Redirect Chain

https://52.19.196.144/
https://www.michalspacek.cz/

15 KB
6 KB

235ms
87ms

Document
text/html

2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.michalspacek.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f5cd922d5d351f08a81da4ff69fc0a2a728cfb1fd1e9db328c0fced178a09f58

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'strict-dynamic' 'nonce-e9Zc6bbNUaaScEI+nO0pJA==' 'self' 'report-sample'; style-src 'self' 'report-sample'; frame-ancestors 'none'; form-action 'self'; base-uri 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.michalspacek.cz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 08 Sep 2021 14:47:18 GMT
content-type: text/html; charset=utf-8
x-powered-by: <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>
server: <script/src=//xss.sk></script>
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-frame-options: DENY
set-cookie: _nss=1; path=/; secure; HttpOnly; SameSite=Strict
vary: X-Requested-With Cookie Accept-Encoding
content-security-policy: default-src 'none'; img-src 'self'; script-src 'strict-dynamic' 'nonce-e9Zc6bbNUaaScEI+nO0pJA==' 'self' 'report-sample'; style-src 'self' 'report-sample'; frame-ancestors 'none'; form-action 'self'; base-uri 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=(), interest-cohort=()
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0, report-uri="https://plz.report-uri.com/r/d/ct/reportOnly"

Redirect headers

server: nginx <script/src=//xss.sk></script>
date: Wed, 08 Sep 2021 14:47:18 GMT
content-type: text/html
content-length: 162
location: https://www.michalspacek.cz/
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=0, report-uri="https://plz.report-uri.com/r/d/ct/reportOnly"
x-powered-by: <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
content-security-policy: default-src 'none'; form-action 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
referrer-policy: no-referrer, strict-origin-when-cross-origin

GET
H2 200 Fv2TxICe3LA-8dnIOFBO1s5r6KIt6aHrkJEEOhQ_ioc.css
www.michalspacek.cz/i/build/ 14 KB
4 KB 35ms
32ms Stylesheet
text/css 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.michalspacek.cz/i/build/Fv2TxICe3LA-8dnIOFBO1s5r6KIt6aHrkJEEOhQ_ioc.css

Requested by

Host: www.michalspacek.cz
URL: https://www.michalspacek.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx <script/src=//xss.sk></script> / <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>

Resource Hash

16fd93c4809edcb03ef1d9c838504ed6ce6be8a22de9a1eb9091043a143f8a87

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.michalspacek.cz
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: style
cookie: _nss=1
:path: /i/build/Fv2TxICe3LA-8dnIOFBO1s5r6KIt6aHrkJEEOhQ_ioc.css
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.michalspacek.cz
referer: https://www.michalspacek.cz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.michalspacek.cz/
Origin: https://www.michalspacek.cz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 16:59:35 GMT
server: nginx <script/src=//xss.sk></script>
x-frame-options: DENY
etag: W/"613102f7-372a"
vary: Accept-Encoding Origin
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: text/css
access-control-allow-origin: https://www.michalspacek.cz
cache-control: max-age=31536000 immutable
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
expires: Thu, 08 Sep 2022 14:47:18 GMT

GET
H2 200 iZtS4XGg7zJBocmGsWK6Jt9Dq0vZX8j9OpEjnwCqDus.css
www.michalspacek.cz/i/build/ 6 KB
2 KB 37ms
34ms Stylesheet
text/css 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.michalspacek.cz/i/build/iZtS4XGg7zJBocmGsWK6Jt9Dq0vZX8j9OpEjnwCqDus.css

Requested by

Host: www.michalspacek.cz
URL: https://www.michalspacek.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx <script/src=//xss.sk></script> / <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>

Resource Hash

899b52e171a0ef3241a1c986b162ba26df43ab4bd95fc8fd3a91239f00aa0eeb

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.michalspacek.cz
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: style
cookie: _nss=1
:path: /i/build/iZtS4XGg7zJBocmGsWK6Jt9Dq0vZX8j9OpEjnwCqDus.css
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.michalspacek.cz
referer: https://www.michalspacek.cz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.michalspacek.cz/
Origin: https://www.michalspacek.cz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 17:14:01 GMT
server: nginx <script/src=//xss.sk></script>
x-frame-options: DENY
etag: W/"61310659-18d7"
vary: Accept-Encoding Origin
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: text/css
access-control-allow-origin: https://www.michalspacek.cz
cache-control: max-age=31536000 immutable
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
expires: Thu, 08 Sep 2022 14:47:18 GMT

GET
H2 200 Gf3U8DHTW3x425z487TawKVRPvPoCzQzAGWkDt8y8Pg.js Show response
www.michalspacek.cz/i/build/ 90 KB
32 KB 40ms
38ms Script
application/javascript 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.michalspacek.cz/i/build/Gf3U8DHTW3x425z487TawKVRPvPoCzQzAGWkDt8y8Pg.js

Requested by

Host: www.michalspacek.cz
URL: https://www.michalspacek.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx <script/src=//xss.sk></script> / <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>

Resource Hash

19fdd4f031d35b7c78db9cf8f3b4dac0a5513ef3e80b34330065a40edf32f0f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.michalspacek.cz
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: script
cookie: _nss=1
:path: /i/build/Gf3U8DHTW3x425z487TawKVRPvPoCzQzAGWkDt8y8Pg.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.michalspacek.cz
referer: https://www.michalspacek.cz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.michalspacek.cz/
Origin: https://www.michalspacek.cz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 16:59:35 GMT
server: nginx <script/src=//xss.sk></script>
x-frame-options: DENY
etag: W/"613102f7-167a3"
vary: Accept-Encoding Origin
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: application/javascript
access-control-allow-origin: https://www.michalspacek.cz
cache-control: max-age=31536000 immutable
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
expires: Thu, 08 Sep 2022 14:47:18 GMT

GET
H2 200 oCYB0jpfZzMfzZEOxAWGlWTFZowNBNOBUB9F_ysCew0.js Show response
www.michalspacek.cz/i/build/ 12 KB
5 KB 64ms
62ms Script
application/javascript 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.michalspacek.cz/i/build/oCYB0jpfZzMfzZEOxAWGlWTFZowNBNOBUB9F_ysCew0.js

Requested by

Host: www.michalspacek.cz
URL: https://www.michalspacek.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx <script/src=//xss.sk></script> / <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>

Resource Hash

a02601d23a5f67331fcd910ec405869564c5668c0d04d381501f45ff2b027b0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.michalspacek.cz
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: script
cookie: _nss=1
:path: /i/build/oCYB0jpfZzMfzZEOxAWGlWTFZowNBNOBUB9F_ysCew0.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.michalspacek.cz
referer: https://www.michalspacek.cz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.michalspacek.cz/
Origin: https://www.michalspacek.cz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>
x-xss-protection: 1; mode=block
last-modified: Fri, 03 Sep 2021 02:52:10 GMT
server: nginx <script/src=//xss.sk></script>
x-frame-options: DENY
etag: W/"61318dda-2e99"
vary: Accept-Encoding Origin
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: application/javascript
access-control-allow-origin: https://www.michalspacek.cz
cache-control: max-age=31536000 immutable
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
expires: Thu, 08 Sep 2022 14:47:18 GMT

GET
H2 200 4240Go1TXIXsP3AWLhnx3L4_KyFJNIz45ox8LfnXBjw.js Show response
www.michalspacek.cz/i/build/ 441 B
991 B 64ms
63ms Script
application/javascript 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.michalspacek.cz/i/build/4240Go1TXIXsP3AWLhnx3L4_KyFJNIz45ox8LfnXBjw.js

Requested by

Host: www.michalspacek.cz
URL: https://www.michalspacek.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx <script/src=//xss.sk></script> / <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>

Resource Hash

e36e341a8d535c85ec3f70162e19f1dcbe3f2b2149348cf8e68c7c2df9d7063c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.michalspacek.cz
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: script
cookie: _nss=1
:path: /i/build/4240Go1TXIXsP3AWLhnx3L4_KyFJNIz45ox8LfnXBjw.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.michalspacek.cz
referer: https://www.michalspacek.cz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.michalspacek.cz/
Origin: https://www.michalspacek.cz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Sep 2021 17:14:01 GMT
server: nginx <script/src=//xss.sk></script>
x-frame-options: DENY
etag: W/"61310659-1b9"
vary: Accept-Encoding Origin
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: application/javascript
access-control-allow-origin: https://www.michalspacek.cz
cache-control: max-age=31536000 immutable
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
expires: Thu, 08 Sep 2022 14:47:18 GMT

GET
H2 200 4hrqE-wHEyNpJxYr9Ste5rZmV4NK3dyhHpoFJtQ41uY.js Show response
www.michalspacek.cz/i/build/ 57 KB
21 KB 64ms
63ms Script
application/javascript 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.michalspacek.cz/i/build/4hrqE-wHEyNpJxYr9Ste5rZmV4NK3dyhHpoFJtQ41uY.js

Requested by

Host: www.michalspacek.cz
URL: https://www.michalspacek.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx <script/src=//xss.sk></script> / <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>

Resource Hash

e21aea13ec0713236927162bf52b5ee6b66657834adddca11e9a0526d438d6e6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.michalspacek.cz
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: script
cookie: _nss=1
:path: /i/build/4hrqE-wHEyNpJxYr9Ste5rZmV4NK3dyhHpoFJtQ41uY.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.michalspacek.cz
referer: https://www.michalspacek.cz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.michalspacek.cz/
Origin: https://www.michalspacek.cz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:47:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>
x-xss-protection: 1; mode=block
last-modified: Fri, 03 Sep 2021 02:52:10 GMT
server: nginx <script/src=//xss.sk></script>
x-frame-options: DENY
etag: W/"61318dda-e38b"
vary: Accept-Encoding Origin
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: application/javascript
access-control-allow-origin: https://www.michalspacek.cz
cache-control: max-age=31536000 immutable
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
expires: Thu, 08 Sep 2022 14:47:18 GMT

GET
H2 200 michal-spacek.jpg
www.michalspacek.cz/i/images/ 779 B
1 KB 64ms
63ms Image
image/jpeg 2a05:d018:252:8f00:fe52:a8fb:27cb:748a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.michalspacek.cz/i/images/michal-spacek.jpg

Requested by

Host: www.michalspacek.cz
URL: https://www.michalspacek.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:252:8f00:fe52:a8fb:27cb:748a Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx <script/src=//xss.sk></script> / <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>

Resource Hash

d0907aaaa028886d37138ea0c00e2803c86d4eb5409a048d93dd728ed4e3571b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /i/images/michal-spacek.jpg
pragma: no-cache
cookie: _nss=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.michalspacek.cz
referer: https://www.michalspacek.cz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.michalspacek.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 14:47:18 GMT
x-content-type-options: nosniff
nel: {"report_to": "default", "max_age": 31536000, "include_subdomains": true}
x-powered-by: <script>document.write('<img src="//xss.sk" title="Inline JavaScript is bad, m\'kay?">');</script>
content-length: 779
x-xss-protection: 1; mode=block
last-modified: Sun, 16 Jun 2019 02:47:51 GMT
server: nginx <script/src=//xss.sk></script>
x-frame-options: DENY
etag: "5d05add7-30b"
vary: Origin
report-to: {"group": "default", "max_age": 31536000, "endpoints": [{"url": "https://plz.report-uri.com/a/d/g"}], "include_subdomains": true}
content-type: image/jpeg
cache-control: max-age=604800
content-security-policy: script-src 'none'; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
accept-ranges: bytes
expires: Wed, 15 Sep 2021 14:47:18 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.michalspacek.cz/	1969-12-31 23:59:59	Name: _nss Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'strict-dynamic' 'nonce-e9Zc6bbNUaaScEI+nO0pJA==' 'self' 'report-sample'; style-src 'self' 'report-sample'; frame-ancestors 'none'; form-action 'self'; base-uri 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://plz.report-uri.com/r/default/csp/enforce; report-to default
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.michalspacek.cz
2a05:d018:252:8f00:fe52:a8fb:27cb:748a
52.19.196.144
16fd93c4809edcb03ef1d9c838504ed6ce6be8a22de9a1eb9091043a143f8a87
19fdd4f031d35b7c78db9cf8f3b4dac0a5513ef3e80b34330065a40edf32f0f8
899b52e171a0ef3241a1c986b162ba26df43ab4bd95fc8fd3a91239f00aa0eeb
a02601d23a5f67331fcd910ec405869564c5668c0d04d381501f45ff2b027b0d
d0907aaaa028886d37138ea0c00e2803c86d4eb5409a048d93dd728ed4e3571b
e21aea13ec0713236927162bf52b5ee6b66657834adddca11e9a0526d438d6e6
e36e341a8d535c85ec3f70162e19f1dcbe3f2b2149348cf8e68c7c2df9d7063c
f5cd922d5d351f08a81da4ff69fc0a2a728cfb1fd1e9db328c0fced178a09f58

www.michalspacek.cz Open in urlscan Pro 2a05:d018:252:8f00:fe52:a8fb:27cb:748a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

72 kBTransfer

195 kBSize

1 Cookies

10 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

www.michalspacek.cz Open in urlscan Pro
2a05:d018:252:8f00:fe52:a8fb:27cb:748a Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

72 kB
Transfer

195 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions