urlscan.io logo urlscan.io
SecurityTrails logo

josiah-staging.tonad-dokku.rails.cz Open in urlscan Pro
46.234.101.228  Public Scan

Go To Rescan Add Verdict Report
URL: https://josiah-staging.tonad-dokku.rails.cz/
Submission: On September 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 13 HTTP transactions. The main IP is 46.234.101.228, located in Czech Republic and belongs to SUPERNETWORK _, CZ. The main domain is josiah-staging.tonad-dokku.rails.cz.
TLS certificate: Issued by E5 on September 9th 2024. Valid for: 3 months.
This is the only time josiah-staging.tonad-dokku.rails.cz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 46.234.101.228 39392 (SUPERNETW...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2 2a02:6ea0:c45... 60068 (CDN77 _)
2 2a04:4e42:200... 54113 (FASTLY)
1 3.171.139.128 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
13 6
5    46.234.101.228 (Czech Republic)

ASN39392 (SUPERNETWORK _, CZ)
PTR: c.rainbowtours.cz
josiah-staging.tonad-dokku.rails.cz
1    2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)
maps.google.com
2    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 _, GB)
cdn.rawgit.com
2    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    3.171.139.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-139-128.jfk52.r.cloudfront.net
privacy-policy.truste.com
1    2607:f8b0:4006:806::200a (United States)

ASN15169 (GOOGLE, US)
maps.googleapis.com
Apex Domain
Subdomains		 Transfer
5 rails.cz
josiah-staging.tonad-dokku.rails.cz
1013 KB
3 google.com
maps.google.com — Cisco Umbrella Rank: 3713
195 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
9 KB
2 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 21759
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
maps.googleapis.com — Cisco Umbrella Rank: 567
3 KB
1 truste.com
privacy-policy.truste.com — Cisco Umbrella Rank: 21945
3 KB
13 6
Domain Requested by
5 josiah-staging.tonad-dokku.rails.cz josiah-staging.tonad-dokku.rails.cz
3 maps.google.com josiah-staging.tonad-dokku.rails.cz
maps.google.com
2 cdn.jsdelivr.net josiah-staging.tonad-dokku.rails.cz
2 cdn.rawgit.com 2 redirects
1 maps.googleapis.com maps.google.com
1 privacy-policy.truste.com josiah-staging.tonad-dokku.rails.cz
1 fonts.googleapis.com josiah-staging.tonad-dokku.rails.cz
13 7

This site contains links to these domains. Also see Links.

Domain
privacy.truste.com
Subject Issuer Validity Valid
josiah-staging.tonad-dokku.rails.cz
E5		 2024-09-09 -
2024-12-08		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.truste.com
Amazon RSA 2048 M02		 2023-11-18 -
2024-12-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://josiah-staging.tonad-dokku.rails.cz/
Frame ID: ACC537D187A32CD27FE1586FDDE3D353
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EMS

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

13
Requests

85 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

1222 kB
Transfer

4624 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://cdn.rawgit.com/mahnunchik/markerclustererplus/master/dist/markerclusterer.min.js HTTP 301
  • https://cdn.jsdelivr.net/gh/mahnunchik/markerclustererplus@master/dist/markerclusterer.min.js
Request Chain 5
  • https://cdn.rawgit.com/printercu/google-maps-utility-library-v3-read-only/master/infobox/src/infobox_packed.js HTTP 301
  • https://cdn.jsdelivr.net/gh/printercu/google-maps-utility-library-v3-read-only@master/infobox/src/infobox_packed.js

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
josiah-staging.tonad-dokku.rails.cz/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://josiah-staging.tonad-dokku.rails.cz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.234.101.228 , Czech Republic, ASN39392 (SUPERNETWORK _, CZ),
Reverse DNS
c.rainbowtours.cz
Software
nginx /
Resource Hash
8a49b08694912efe2e964a5d81a1c58b371a35675e26264f0199eed0758cd4ae
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 09 Sep 2024 15:13:34 GMT
etag
W/"8a49b08694912efe2e964a5d81a1c58b"
link
</assets/application-043f1edff55dfaf361334b8d240e8de290a1b1cb64feee5f0bf7d6784226a769.css>; rel=preload; as=style; nopush,</assets/application-da48def8e5e8a75f904a6976ac0085a8a7ffd4e6af3c094946cc35dc43abb982.js>; rel=preload; as=script; nopush
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=15724800; includeSubdomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
4190075a-5060-4366-b99c-63e27aa41029
x-runtime
0.034069
x-xss-protection
0
application-043f1edff55dfaf361334b8d240e8de290a1b1cb64feee5f0bf7d6784226a769.css
josiah-staging.tonad-dokku.rails.cz/assets/ 		530 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://josiah-staging.tonad-dokku.rails.cz/assets/application-043f1edff55dfaf361334b8d240e8de290a1b1cb64feee5f0bf7d6784226a769.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.234.101.228 , Czech Republic, ASN39392 (SUPERNETWORK _, CZ),
Reverse DNS
c.rainbowtours.cz
Software
nginx /
Resource Hash
5c82c00bbb384675babdc626e78bbca1037411b75635450db58a18b725ec5013
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Referer
https://josiah-staging.tonad-dokku.rails.cz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 15:13:34 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Sun, 08 Sep 2024 21:48:38 GMT
server
nginx
vary
accept-encoding
content-type
text/css
content-length
72190
application-da48def8e5e8a75f904a6976ac0085a8a7ffd4e6af3c094946cc35dc43abb982.js
josiah-staging.tonad-dokku.rails.cz/assets/ 		3 MB
863 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://josiah-staging.tonad-dokku.rails.cz/assets/application-da48def8e5e8a75f904a6976ac0085a8a7ffd4e6af3c094946cc35dc43abb982.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.234.101.228 , Czech Republic, ASN39392 (SUPERNETWORK _, CZ),
Reverse DNS
c.rainbowtours.cz
Software
nginx /
Resource Hash
e420f20d9fd6e3e51d0e7c0350fb0dc2c2b77a8aa762744b92ac24e2940c363c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Referer
https://josiah-staging.tonad-dokku.rails.cz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 15:13:34 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Sun, 08 Sep 2024 21:48:38 GMT
server
nginx
vary
accept-encoding
content-type
text/javascript
content-length
882095
css
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,300,400,600,700,800
Requested by
Host: josiah-staging.tonad-dokku.rails.cz
URL: https://josiah-staging.tonad-dokku.rails.cz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33215082465c660fdf4986bb3e857b6c429bba1d0bdd3f9c669400ff884691f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://josiah-staging.tonad-dokku.rails.cz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 09 Sep 2024 15:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 09 Sep 2024 15:13:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 Sep 2024 15:13:35 GMT
js
maps.google.com/maps/api/ 		229 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps/api/js?v=3.24&key=AIzaSyCxXJpewYViILseNqLTjjfpykT8tWJeG_E
Requested by
Host: josiah-staging.tonad-dokku.rails.cz
URL: https://josiah-staging.tonad-dokku.rails.cz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ee51b9f0b6fd82351dc47fa2bca375fd872485b787531763f6d6643ab46b68b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://josiah-staging.tonad-dokku.rails.cz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 15:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80148
x-xss-protection
0
markerclusterer.min.js
cdn.jsdelivr.net/gh/mahnunchik/markerclustererplus@master/dist/
Redirect Chain
  • https://cdn.rawgit.com/mahnunchik/markerclustererplus/master/dist/markerclusterer.min.js
  • https://cdn.jsdelivr.net/gh/mahnunchik/markerclustererplus@master/dist/markerclusterer.min.js
19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/mahnunchik/markerclustererplus@master/dist/markerclusterer.min.js
Requested by
Host: josiah-staging.tonad-dokku.rails.cz
URL: https://josiah-staging.tonad-dokku.rails.cz/
Protocol
H2
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93a9f2d729f2b85c1109b3473c77d664d3565c62e6cf9f8037d0193c06b8cde0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://josiah-staging.tonad-dokku.rails.cz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 09 Sep 2024 15:13:36 GMT
x-content-type-options
nosniff
content-encoding
br
age
17320
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
5147
x-served-by
cache-fra-etou8220132-FRA, cache-ewr-kewr1740050-EWR
x-jsd-version-type
branch
etag
W/"4ae1-JFMBaRmVEIAjWRVqxnBOieVEtD4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

date
Mon, 09 Sep 2024 15:13:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
885
age
74203
x-cache
MISS, HIT
cdn-cachedat
09/09/2024 15:13:36
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
127
x-served-by
cache-fra-eddf8230104-FRA, cache-chi-kigq8000082-CHI
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/mahnunchik/markerclustererplus@master/dist/markerclusterer.min.js
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
EXPIRED
cdn-requestid
e8092bac6af9d2188c66f9beb600b151
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
301
cdn-requestpullsuccess
True
infobox_packed.js
cdn.jsdelivr.net/gh/printercu/google-maps-utility-library-v3-read-only@master/infobox/src/
Redirect Chain
  • https://cdn.rawgit.com/printercu/google-maps-utility-library-v3-read-only/master/infobox/src/infobox_packed.js
  • https://cdn.jsdelivr.net/gh/printercu/google-maps-utility-library-v3-read-only@master/infobox/src/infobox_packed.js
6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/printercu/google-maps-utility-library-v3-read-only@master/infobox/src/infobox_packed.js
Requested by
Host: josiah-staging.tonad-dokku.rails.cz
URL: https://josiah-staging.tonad-dokku.rails.cz/
Protocol
H2
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a1f01d3106b7787d8c187297656eabf20c84273b2265d5f00645460c600f45d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://josiah-staging.tonad-dokku.rails.cz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 09 Sep 2024 15:13:36 GMT
x-content-type-options
nosniff
content-encoding
br
age
9489
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3049
x-served-by
cache-fra-eddf8230078-FRA, cache-ewr-kewr1740050-EWR
x-jsd-version-type
branch
etag
W/"1762-emd75CJxhBc2YLb0vJjYgfM/pIc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

date
Mon, 09 Sep 2024 15:13:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
885
age
31473
x-cache
MISS, HIT
cdn-cachedat
09/09/2024 15:13:36
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
149
x-served-by
cache-fra-eddf8230139-FRA, cache-chi-kigq8000107-CHI
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/printercu/google-maps-utility-library-v3-read-only@master/infobox/src/infobox_packed.js
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
EXPIRED
cdn-requestid
068545d21618396e5bfa5f060fc4642a
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
301
cdn-requestpullsuccess
True
seal
privacy-policy.truste.com/privacy-seal/ 		161 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privacy-policy.truste.com/privacy-seal/seal?rid=92a17bea-f20c-4511-91c6-07eaf3c20072
Requested by
Host: josiah-staging.tonad-dokku.rails.cz
URL: https://josiah-staging.tonad-dokku.rails.cz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.171.139.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-139-128.jfk52.r.cloudfront.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
38118fa99879ff7473b4b7a8d1d004f62cb43d0a27b9b768bbf3c198bdde827d
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.truste.com ; upgrade-insecure-requests; block-all-mixed-content;, upgrade-insecure-requests, default-src 'self' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; font-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; style-src 'self' 'unsafe-inline' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; img-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net https://trustarc.com; frame-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; connect-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://josiah-staging.tonad-dokku.rails.cz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 08 Sep 2024 19:51:56 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff, nosniff
Content-Security-Policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.truste.com ; upgrade-insecure-requests; block-all-mixed-content;, upgrade-insecure-requests, default-src 'self' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; font-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; style-src 'self' 'unsafe-inline' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; img-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net https://trustarc.com; frame-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; connect-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
Via
1.1 ded721d3aeecfb4f35d39da9e2d34066.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P8
Cross-Origin-Embedder-Policy
unsafe-none, unsafe-none
Age
69700
X-Cache
Hit from cloudfront
Cross-Origin-Resource-Policy
cross-origin, cross-origin
Connection
keep-alive
Content-Length
161
X-Xss-Protection
1; mode=block, 1; mode=block
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx/1.18.0 (Ubuntu)
Cross-Origin-Opener-Policy
cross-origin, cross-origin
ETag
W/"161-1713322042000"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type
image/png
Cache-Control
no-cache, must-revalidate, no-cache, no-store
Access-Control-Allow-Credentials
true
Permissions-Policy
autoplay=(self), document-domain=(self), encrypted-media=(self), autoplay=(self), document-domain=(self), encrypted-media=(self)
Accept-Ranges
bytes
X-Amz-Cf-Id
No_oHBiwmuy_Xj4v1Ki_PEqTSdYKesO_8LlCNncbQti0qw4UebCvlg==
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?v=3.24&key=AIzaSyCxXJpewYViILseNqLTjjfpykT8tWJeG_E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://josiah-staging.tonad-dokku.rails.cz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 15:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://josiah-staging.tonad-dokku.rails.cz
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
fontawesome-webfont-fa79d127baca4558a0b973f5f514b90fc5ef43314c41095f5cb285ffaa0a4029.woff2
josiah-staging.tonad-dokku.rails.cz/assets/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://josiah-staging.tonad-dokku.rails.cz/assets/fontawesome-webfont-fa79d127baca4558a0b973f5f514b90fc5ef43314c41095f5cb285ffaa0a4029.woff2
Requested by
Host: josiah-staging.tonad-dokku.rails.cz
URL: https://josiah-staging.tonad-dokku.rails.cz/assets/application-043f1edff55dfaf361334b8d240e8de290a1b1cb64feee5f0bf7d6784226a769.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.234.101.228 , Czech Republic, ASN39392 (SUPERNETWORK _, CZ),
Reverse DNS
c.rainbowtours.cz
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Referer
https://josiah-staging.tonad-dokku.rails.cz/assets/application-043f1edff55dfaf361334b8d240e8de290a1b1cb64feee5f0bf7d6784226a769.css
Origin
https://josiah-staging.tonad-dokku.rails.cz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 15:13:37 GMT
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Sun, 08 Sep 2024 21:48:38 GMT
server
nginx
content-length
77160
content-type
font/woff2
favicon.ico
josiah-staging.tonad-dokku.rails.cz/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://josiah-staging.tonad-dokku.rails.cz/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.234.101.228 , Czech Republic, ASN39392 (SUPERNETWORK _, CZ),
Reverse DNS
c.rainbowtours.cz
Software
nginx /
Resource Hash
0f92167c608c72edccb41dbe39e0e118b067b0ba44fa4315d4e75851474eac76
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Referer
https://josiah-staging.tonad-dokku.rails.cz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 15:13:37 GMT
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Mon, 09 Sep 2024 06:29:03 GMT
server
nginx
content-length
1150
content-type
image/vnd.microsoft.icon
common.js
maps.google.com/maps-api-v3/api/js/58/3/ 		288 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/58/3/common.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?v=3.24&key=AIzaSyCxXJpewYViILseNqLTjjfpykT8tWJeG_E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9621b73d4224e76ee2f27145bd3e0b21600588dc9e731018750b9bed79f0fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://josiah-staging.tonad-dokku.rails.cz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 18:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
421883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62928
x-xss-protection
0
last-modified
Tue, 03 Sep 2024 19:13:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Sep 2025 18:02:18 GMT
util.js
maps.google.com/maps-api-v3/api/js/58/3/ 		181 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/58/3/util.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?v=3.24&key=AIzaSyCxXJpewYViILseNqLTjjfpykT8tWJeG_E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d7739e388dda531cab9ade5469d1711930f0ce85e637fabc0e7d3bcd005723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://josiah-staging.tonad-dokku.rails.cz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 18:02:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
421883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56151
x-xss-protection
0
last-modified
Tue, 03 Sep 2024 19:13:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Sep 2025 18:02:18 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView function| ClusterIcon function| Cluster function| MarkerClusterer function| InfoBox object| cookiesEu string| CKEDITOR_BASEPATH object| I18n function| $ function| jQuery object| NProgress object| jQuery111202657336510909343 object| Select2 function| Cookies object| materialadmin object| ko function| _ object| Handlebars object| HandlebarsTemplates function| moment object| Gmaps object| SocialShareButton object| CKEDITOR object| Highcharts function| datepicker function| datetimepicker function| timepicker function| PasswordStrength function| textLimit function| clear_select function| copyToClipboard function| initAutocompletes function| formatSchoolResult function| formatSchoolSelection function| formatUserResult function| formatUserSelection function| formatPeopleResult function| formatPeopleSelection function| formatChurchPersonResult function| formatChurchPersonSelection function| formatChurchResult function| formatChurchSelection function| formatEventResult function| formatEventSelection function| formatGroupResult function| formatGroupSelection function| User function| UsersRole function| Church function| School function| Invite function| formUpdated function| RegistrationForm function| Statistic function| Todo function| Registration function| EventDesign function| EmailTags function| TourStop function| TourCoordinator function| TourChurch function| TourSchool function| DayItem function| DayItemsTourMember function| RpmEvent function| SpecialActivity function| Karta function| FormInput function| CheckLeaving boolean| aysUnloadSet

1 Cookies

Domain/Path Name / Value
josiah-staging.tonad-dokku.rails.cz/ Name: _josiah_session
Value: f05fd9f080c584cbf624225ed9558f94

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://josiah-staging.tonad-dokku.rails.cz/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0