clickandsmile.cz Open in urlscan Pro
2a0f:b140:10:ec08::11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mw.clickandsmile.cz/
Effective URL:
https://clickandsmile.cz/
Submission: On August 17 via api (August 17th 2022, 2:01:02 am UTC) from VN — Scanned from DE

Summary HTTP 54 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 9 domains to perform 54 HTTP transactions. The main IP is 2a0f:b140:10:ec08::11, located in Czech Republic and belongs to CESAL, CZ. The main domain is clickandsmile.cz.
TLS certificate: Issued by R3 on August 2nd 2022. Valid for: 3 months.

This is the only time clickandsmile.cz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	2a0f:b140:10:... 2a0f:b140:10:ec08::11	50067 (CESAL) (CESAL)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
5 10	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	52.239.194.100 52.239.194.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
54	10

30 2a0f:b140:10:ec08::11 (Czech Republic) 1 redirects

ASN50067 (CESAL, CZ)

mw.clickandsmile.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clickandsmile.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.clickandsmile.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:200::485 (United States) 5 redirects

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.239.194.100 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

clickandsmile.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	clickandsmile.cz 1 redirects mw.clickandsmile.cz clickandsmile.cz api.clickandsmile.cz	474 KB
10	jsdelivr.net 5 redirects cdn.jsdelivr.net — Cisco Umbrella Rank: 423	5 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	2 KB
3	windows.net clickandsmile.blob.core.windows.net	51 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	12 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	92 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	41 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
54	9

	Domain	Requested by
27	clickandsmile.cz	clickandsmile.cz
10	cdn.jsdelivr.net	5 redirects clickandsmile.cz
8	www.facebook.com	connect.facebook.net clickandsmile.cz
3	clickandsmile.blob.core.windows.net	clickandsmile.cz
3	cdnjs.cloudflare.com	clickandsmile.cz
2	api.clickandsmile.cz	clickandsmile.cz
2	connect.facebook.net	clickandsmile.cz
1	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.googletagmanager.com	clickandsmile.cz
1	fonts.googleapis.com	clickandsmile.cz
1	mw.clickandsmile.cz	1 redirects
54	11

This site contains links to these domains. Also see Links.

Domain
facebook.com
www.instagram.com
www.facebook.com
m.me

Subject Issuer	Validity	Valid
clickandsmile.cz R3	`2022-08-02` - `2022-10-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-26` - `2022-08-24`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2022-06-06` - `2023-06-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://clickandsmile.cz/
Frame ID: 00460225A6B64824DF483D235B4A27D4
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click and Smile - fotobudka, kterou si zamilujete | Fotokoutek Click and Smile

Page URL History Show full URLs

https://mw.clickandsmile.cz/ HTTP 302
https://clickandsmile.cz/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

54
Requests

89 %
HTTPS

89 %
IPv6

9
Domains

11
Subdomains

10
IPs

5
Countries

698 kB
Transfer

1412 kB
Size

3
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/clickandsmile.cz
Title: Facebooku

Search URL Search Domain Scan URL

URL: https://www.instagram.com/clickandsmile.cz/
Title: Instagramu

Search URL Search Domain Scan URL

URL: https://www.facebook.com/media/set/?set=a.441563784659113
Title: Přejít do alba

Search URL Search Domain Scan URL

URL: https://www.facebook.com/media/set/?set=a.5078867235538832&type=3
Title: Přejít do alba

Search URL Search Domain Scan URL

URL: https://www.facebook.com/marek.suchan.10/posts/2152646711486597
Title: Marek Suchan

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tereza.prchalova.7/posts/2151025854979131
Title: Tereza Prchalová

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lucka.titzova/posts/2327753777256787
Title: Lucka Titzová

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pg/clickandsmile.cz/reviews
Title: Klára Adamová

Search URL Search Domain Scan URL

URL: https://www.facebook.com/barbora.schmidova.7/posts/10214325298477583
Title: Barbora Benešová

Search URL Search Domain Scan URL

URL: https://www.facebook.com/anetka.veliskova/posts/2634661319895038
Title: Anet Velíšková

Search URL Search Domain Scan URL

URL: https://www.facebook.com/teruska.semeradova/posts/2146550095425443
Title: Tereza Semerádová

Search URL Search Domain Scan URL

URL: https://m.me/clickandsmile.cz
Title: Facebook Messenger

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mw.clickandsmile.cz/ HTTP 302
https://clickandsmile.cz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs//shapes/5.svg HTTP 301
https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/5.svg

Request Chain 30

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs//shapes/2.svg HTTP 301
https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/2.svg

Request Chain 31

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs//shapes/7.svg HTTP 301
https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/7.svg

Request Chain 32

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs//shapes/10.svg HTTP 301
https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/10.svg

Request Chain 34

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs//shapes/9.svg HTTP 301
https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/9.svg

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
clickandsmile.cz/
Redirect Chain

https://mw.clickandsmile.cz/
https://clickandsmile.cz/

32 KB
11 KB

87ms
30ms

Document
text/html

2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

d8b4851ea33d961d5f2dd8e241db17b2881832a8bcdd50d984ae84a87406805c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 10114
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Content-Type: text/html
Date: Wed, 17 Aug 2022 02:00:57 GMT
ETag: "7e84-5dedf36be568b-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Fri, 13 May 2022 06:59:21 GMT
Referrer-Policy: strict-origin
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Upgrade: h2
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Upgrade, Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 17 Aug 2022 02:00:57 GMT
Keep-Alive: timeout=5, max=100
Location: https://clickandsmile.cz
Referrer-Policy: strict-origin
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Upgrade: h2
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.css
clickandsmile.cz/assets/ 182 KB
28 KB 35ms
34ms Stylesheet
text/css 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/main.css?v=2021061101

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

8d259cecae70aadb38349aa729b390706554f66898d34889e039e4f38d51ae24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 26796
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:08 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "2d842-5dedf36039168-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK fontawesome.css
clickandsmile.cz/assets/vendor/ 58 KB
14 KB 89ms
30ms Stylesheet
text/css 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/vendor/fontawesome.css

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 12858
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:16 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "e7a9-5dedf3675954c-gzip"
Vary: Accept-Encoding
Upgrade: h2
Connection: Upgrade, Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100

GET
H2 200 owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ 3 KB
2 KB 75ms
27ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://clickandsmile.cz/
Origin: https://clickandsmile.cz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 02:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7690129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 845
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-d17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiFMCJFuB2QWVOBVmRQCY8ko70CGa93yqd6EYbbBkKzzWu9ph1Y7N3q9CE7xhu%2BzBwKbFKT8WzX1busmrAYuDIKLkngh4yU5sx9kP4wpmXxcFjKBMz0iH5cfDlsM6yOZygYTJyBF%2FCCQwlvEIdFVX6PD"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73bed1b07c079b1f-FRA
expires: Mon, 07 Aug 2023 02:00:57 GMT

GET
H2 200 owl.theme.default.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ 1013 B
646 B 79ms
30ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://clickandsmile.cz/
Origin: https://clickandsmile.cz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 02:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 634753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 331
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-3f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTaH6Uv3H84UGB3QVWoTBsXXs12X3TSqRMzdGQ9BRFud%2Fff%2FdShlPlSG12bYVz2eogLyR3MFgzLBw1dO4nRwo2sI3XGrL5AfFm7L2guPDi93CaFErro66KNeGqeF9pEddePUStO%2FNZ4M0q1Z5TtdRtI1"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73bed1b07c089b1f-FRA
expires: Mon, 07 Aug 2023 02:00:57 GMT

GET
H/1.1 200
OK bootstrap-datepicker.css
clickandsmile.cz/assets/vendor/datepicker/ 17 KB
3 KB 85ms
28ms Stylesheet
text/css 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/vendor/datepicker/bootstrap-datepicker.css

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

6cb3541f348c12fc41868cac044ec45d8948ae6a3bfa7ec5e2826b6b522039a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 2134
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:16 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "4326-5dedf367d1732-gzip"
Vary: Accept-Encoding
Upgrade: h2
Connection: Upgrade, Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK bootstrap-slider.min.css
clickandsmile.cz/assets/vendor/ 9 KB
3 KB 84ms
27ms Stylesheet
text/css 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/vendor/bootstrap-slider.min.css

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

1b720060960842f6603e4b0d4036e3bf177f09ad527c20c5c2edacda5b74a06a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 2128
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:16 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "2478-5dedf36742dea-gzip"
Vary: Accept-Encoding
Upgrade: h2
Connection: Upgrade, Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK photoswipe.css
clickandsmile.cz/assets/vendor/photoswipe/ 4 KB
3 KB 85ms
28ms Stylesheet
text/css 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/vendor/photoswipe/photoswipe.css

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

4812d4e2fbfa080ea51ec6755f24dd8728c9c428cf89ffd34648e7b321801a71

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 1298
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:17 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "1029-5dedf3681ca56-gzip"
Vary: Accept-Encoding
Upgrade: h2
Connection: Upgrade, Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK default-skin.css
clickandsmile.cz/assets/vendor/photoswipe/default-skin/ 11 KB
4 KB 85ms
28ms Stylesheet
text/css 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/vendor/photoswipe/default-skin/default-skin.css

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

734b9c920ca443dbf993e22a56264e64a738ec99fb2908a5e3f30fdf2480dc5f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 2983
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:17 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "2d57-5dedf3684b859-gzip"
Vary: Accept-Encoding
Upgrade: h2
Connection: Upgrade, Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK gallery.css
clickandsmile.cz/assets/ 81 B
1 KB 84ms
27ms Stylesheet
text/css 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/gallery.css

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

de4a8ebe448e5411145a719ee19a8e3e2313cea60d73721227979a1ef5e38f01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 100
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:08 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "51-5dedf3601bca7-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 85ms
32ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,300italic,400italic,700italic

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c22f348443f50967866cfba52f5a832cca7bfaa060c587e4de0937db8301bc53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 01:51:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Aug 2022 02:00:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Aug 2022 02:00:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 84ms
35ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6695124-10

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5a51e7f688b8d2ef35d7e3d775a0496159603d08db65275a19ef173f9b724f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 02:00:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41850
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 01:18:35 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Aug 2022 02:00:57 GMT

GET
H/1.1 200
OK logo-140.png
clickandsmile.cz/assets/img/ 11 KB
12 KB 27ms
27ms Image
image/png 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clickandsmile.cz/assets/img/logo-140.png

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

8f3600d63f82fc0153489e5f6a58fd263f22402066266bc5f42fea0b742a1f4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:09 GMT
Server: Apache
ETag: "2b84-5dedf360e5f12"
X-Frame-Options: DENY
Content-Type: image/png
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11140
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fotoboxmon.png
clickandsmile.cz/assets/img/ 6 KB
7 KB 28ms
27ms Image
image/png 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clickandsmile.cz/assets/img/fotoboxmon.png

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

10458a79ff02f013cf3e8ff1149e707bf2d26178a29277da89d99a6f5b8c3c9f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:09 GMT
Server: Apache
ETag: "18a3-5dedf360ce811"
X-Frame-Options: DENY
Content-Type: image/png
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 6307
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK personbin.png
clickandsmile.cz/assets/img/ 8 KB
9 KB 28ms
27ms Image
image/png 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clickandsmile.cz/assets/img/personbin.png

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

4d0ea242e9517738b2bae167732f6c6d60a7c289e732cb56c9906a826174b8ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:09 GMT
Server: Apache
ETag: "1fcb-5dedf360fb6d3"
X-Frame-Options: DENY
Content-Type: image/png
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 8139
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cameraprint.png
clickandsmile.cz/assets/img/ 7 KB
8 KB 28ms
27ms Image
image/png 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clickandsmile.cz/assets/img/cameraprint.png

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

2c332975e8f9dca81cf1cdb1044fa6d3786a93648b689e565132e7b19aa83c84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:09 GMT
Server: Apache
ETag: "1bfa-5dedf360b134f"
X-Frame-Options: DENY
Content-Type: image/png
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7162
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fotobox.jpg
clickandsmile.cz/assets/img/ 124 KB
126 KB 28ms
28ms Image
image/jpeg 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clickandsmile.cz/assets/img/fotobox.jpg

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

4489318c97db05b81baa910761f98964a48291aff28f035272fd7eee1f401479

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:09 GMT
Server: Apache
ETag: "1f0bd-5dedf360c5b70"
X-Frame-Options: DENY
Content-Type: image/jpeg
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 127165
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo-160.png
clickandsmile.cz/assets/img/ 12 KB
14 KB 28ms
28ms Image
image/png 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clickandsmile.cz/assets/img/logo-160.png

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

1d4cebfd58f362360c86f57bfb4050cb5495c347391d69be7fd7864ad694726f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:09 GMT
Server: Apache
ETag: "3112-5dedf360f0af2"
X-Frame-Options: DENY
Content-Type: image/png
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 12562
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.min.js Show response
clickandsmile.cz/assets/vendor/ 87 KB
32 KB 33ms
32ms Script
application/javascript 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/vendor/jquery.min.js

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 30902
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:16 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "15d9d-5dedf3678546e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK popper.min.js Show response
clickandsmile.cz/assets/vendor/ 21 KB
9 KB 28ms
28ms Script
application/javascript 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/vendor/popper.min.js

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 7503
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:16 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "52f1-5dedf367a4870-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK bootstrap.min.js Show response
clickandsmile.cz/assets/vendor/ 61 KB
16 KB 31ms
31ms Script
application/javascript 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/vendor/bootstrap.min.js

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 15286
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:16 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "f3e8-5dedf3674e96b-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK jquery.easing.js Show response
clickandsmile.cz/assets/vendor/ 4 KB
3 KB 30ms
28ms Script
application/javascript 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/vendor/jquery.easing.js

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

b70e7fc0877517ee0bc941766499e94681cd5c9eba8eb2b720685fab82e12e36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 1188
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:16 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "fcf-5dedf36776a0d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK login.js Show response
clickandsmile.cz/assets/js/ 2 KB
2 KB 30ms
28ms Script
application/javascript 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/js/login.js?v=2021061101

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

fddca7fde04c99e978652546d9eafabd16b10aeece82fbd53d1ffbec692b2c7f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 701
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:15 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "89d-5dedf36701707-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H2 200 owl.carousel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/ 43 KB
10 KB 28ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://clickandsmile.cz/
Origin: https://clickandsmile.cz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 02:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 634807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10158
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-ad36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2V7w%2BJWKK6VUwZhOTHObVaUdI7xJ28gnL6mM%2BiyS25e4wf%2FKevxSASLWIC0zOk1hUT%2FXUQ6XReo5ohdfFB7twQyFu1qreouZEa8q%2Fu6pZiJ9exFSBw%2FkZq5Hq2wuHPudZ5wuJSwvDiYtCQsvJvF0DKo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73bed1b0ec489b1f-FRA
expires: Mon, 07 Aug 2023 02:00:57 GMT

GET
H/1.1 200
OK functions.js Show response
clickandsmile.cz/assets/js/ 2 KB
2 KB 29ms
27ms Script
application/javascript 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/js/functions.js?v=2021061101

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

f78ae933db986ca44ff2b01aa3fb23707769ca22bba9367a71238dd929a45645

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 799
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:15 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "7a0-5dedf366bd143-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK common.js Show response
clickandsmile.cz/assets/js/ 2 KB
2 KB 28ms
28ms Script
application/javascript 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/js/common.js?v=2021061101

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

cbe65c40ace6bbde94b07e95760c745744b1b2ff66f303cb03194fdcd5fd6b76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 756
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:15 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "808-5dedf36699ec1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK gallery-util.js Show response
clickandsmile.cz/assets/js/ 4 KB
3 KB 29ms
29ms Script
application/javascript 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/js/gallery-util.js?v=2021061101

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

d30e44e5369c16757faec2471f3c3e01ba93a2fc816097d59b5332fa20880189

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 1282
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:15 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "f23-5dedf366df425-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK homepage.js Show response
clickandsmile.cz/assets/js/ 769 B
2 KB 28ms
27ms Script
application/javascript 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/js/homepage.js?v=2021061101

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

4ae9e0cbf1613f2846781e866dcfd5a11c35d4ac6c8d50c5f5e4949614eb96c5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 383
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:15 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "301-5dedf366ea006-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK faq.js Show response
clickandsmile.cz/assets/js/ 902 B
2 KB 27ms
27ms Script
application/javascript 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/js/faq.js?v=2021061101

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

60b14e000436dd1b017e993a74ea4f5884c6a2f37424ccb94c197f92a0c90e73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Length: 329
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:15 GMT
Server: Apache
X-Frame-Options: DENY
ETag: "386-5dedf366b15c3-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/cs_CZ/sdk/ 318 KB
91 KB 109ms
33ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/cs_CZ/sdk/xfbml.customerchat.js

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d9032208276db87ed87b922db4e02123c5b73977f9beab0f3a46557cd4d750fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: OciaUWBUzkwFCdK6SKou6g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 92012
x-fb-rlafr: 0
x-fb-debug: 0Viihbj1P+/ONKciaJrAAzVSKJFKHcEIsOLwDZD+gIukZXqlZxiiIcyOhkEeJALq5GDDWhhLvDzGaSIT9aja5A==
x-fb-trip-id: 720026100
x-fb-content-md5: 0001e7cc1342b40083a496c6fbe11eb4
x-frame-options: DENY
date: Wed, 17 Aug 2022 02:00:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c24560383ed8c041e54c3915c433545a"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 17 Aug 2022 02:14:15 GMT

GET
H3

200

5.svg
cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/
Redirect Chain

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs//shapes/5.svg
https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/5.svg

850 B
908 B

44ms
22ms

Image
image/svg+xml

2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/5.svg

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/assets/main.css?v=2021061101

Protocol

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

78f54d337493f56fa77b4e16d1cd72823770b67a1694f9ec967c2c3a0dbcc6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 206
x-jsd-version: 2.0.1
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 541
etag: W/"352-piFpu7qDNYsCqpZ7l65VJ4LuDZw"
x-served-by: cache-fra19147-FRA, cache-hhn4059-HHN
x-jsd-version-type: version
date: Wed, 17 Aug 2022 02:00:57 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 18
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 87
x-served-by: cache-fra19164-FRA, cache-hhn4045-HHN
location: /gh/froala/design-blocks@2.0.1/dist/imgs/shapes/5.svg
date: Wed, 17 Aug 2022 02:00:57 GMT
vary: Accept-Encoding, Accept
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3

200

2.svg
cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/
Redirect Chain

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs//shapes/2.svg
https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/2.svg

889 B
954 B

43ms
21ms

Image
image/svg+xml

2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/2.svg

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/assets/main.css?v=2021061101

Protocol

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a604d547effee6f530fcd5d30bc7bb8c06459f22256c688fbe6f7535aa28e154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2402228
x-jsd-version: 2.0.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 584
etag: W/"379-PGEGqXTyvxlrpUOsgvxxuTDcDZc"
x-served-by: cache-fra19167-FRA, cache-hhn4059-HHN
x-jsd-version-type: version
date: Wed, 17 Aug 2022 02:00:57 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 3700293
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 87
x-served-by: cache-fra19135-FRA, cache-hhn4045-HHN
location: /gh/froala/design-blocks@2.0.1/dist/imgs/shapes/2.svg
date: Wed, 17 Aug 2022 02:00:57 GMT
vary: Accept-Encoding, Accept
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3

200

7.svg
cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/
Redirect Chain

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs//shapes/7.svg
https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/7.svg

766 B
868 B

44ms
21ms

Image
image/svg+xml

2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/7.svg

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/assets/main.css?v=2021061101

Protocol

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5674d6dafbbc56476777d9d7315cd552b72555ec3b3aca3ff7fe6a1a370e6be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 108965
x-jsd-version: 2.0.1
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 501
etag: W/"2fe-zi8Hn3tWsoQgETgG52yJePO67qQ"
x-served-by: cache-fra19121-FRA, cache-hhn4059-HHN
x-jsd-version-type: version
date: Wed, 17 Aug 2022 02:00:57 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 18
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 87
x-served-by: cache-fra19167-FRA, cache-hhn4045-HHN
location: /gh/froala/design-blocks@2.0.1/dist/imgs/shapes/7.svg
date: Wed, 17 Aug 2022 02:00:57 GMT
vary: Accept-Encoding, Accept
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3

200

10.svg
cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/
Redirect Chain

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs//shapes/10.svg
https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/10.svg

897 B
953 B

43ms
21ms

Image
image/svg+xml

2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/10.svg

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/assets/main.css?v=2021061101

Protocol

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6015354ab53150fad4543d94afe9ee657d6e632f7502ffdbfef45c2a40be6d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3605714
x-jsd-version: 2.0.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 585
etag: W/"381-Pi699b2zxnIDKdItaarObsOu1Ds"
x-served-by: cache-fra19179-FRA, cache-hhn4059-HHN
x-jsd-version-type: version
date: Wed, 17 Aug 2022 02:00:57 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 1872528
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 88
x-served-by: cache-fra19169-FRA, cache-hhn4045-HHN
location: /gh/froala/design-blocks@2.0.1/dist/imgs/shapes/10.svg
date: Wed, 17 Aug 2022 02:00:57 GMT
vary: Accept-Encoding, Accept
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK fa-solid-900.woff2
clickandsmile.cz/assets/webfonts/ 76 KB
78 KB 48ms
27ms Font
font/woff2 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/webfonts/fa-solid-900.woff2

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/assets/vendor/fontawesome.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clickandsmile.cz/
Origin: https://clickandsmile.cz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:18 GMT
Server: Apache
ETag: "131bc-5dedf369496e7"
X-Frame-Options: DENY
Content-Type: font/woff2
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 78268
X-XSS-Protection: 1; mode=block

GET
H3

200

9.svg
cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/
Redirect Chain

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs//shapes/9.svg
https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/9.svg

552 B
763 B

42ms
20ms

Image
image/svg+xml

2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/froala/design-blocks@2.0.1/dist/imgs/shapes/9.svg

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/assets/main.css?v=2021061101

Protocol

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f4280de3d260d11ce10bc31f1098ea058a2fb971a75f979603a4f8729258ca85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3705495
x-jsd-version: 2.0.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 394
etag: W/"228-h90asocjDCMXmNz4bJo9nO6y1/U"
x-served-by: cache-fra19179-FRA, cache-hhn4059-HHN
x-jsd-version-type: version
date: Wed, 17 Aug 2022 02:00:57 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 3617915
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 87
x-served-by: cache-fra19161-FRA, cache-hhn4045-HHN
location: /gh/froala/design-blocks@2.0.1/dist/imgs/shapes/9.svg
date: Wed, 17 Aug 2022 02:00:57 GMT
vary: Accept-Encoding, Accept
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK fa-brands-400.woff2
clickandsmile.cz/assets/webfonts/ 75 KB
76 KB 51ms
27ms Font
font/woff2 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://clickandsmile.cz/assets/webfonts/fa-brands-400.woff2

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/assets/vendor/fontawesome.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clickandsmile.cz/
Origin: https://clickandsmile.cz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:57 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:17 GMT
Server: Apache
ETag: "12bc0-5dedf368d43e0"
X-Frame-Options: DENY
Content-Type: font/woff2
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 76736
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK get
api.clickandsmile.cz/gallery/ 0
0 126ms
29ms Preflight 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://api.clickandsmile.cz/gallery/get

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://clickandsmile.cz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: https://clickandsmile.cz
Access-Control-Max-Age: 1800
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Connection: Keep-Alive
Content-Length: 0
Date: Wed, 17 Aug 2022 02:00:58 GMT
Keep-Alive: timeout=5, max=100
Referrer-Policy: strict-origin
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK get Show response
api.clickandsmile.cz/gallery/ 912 B
1 KB 35ms
34ms XHR
application/json 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to

Full URL

https://api.clickandsmile.cz/gallery/get

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/assets/vendor/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

533a107bf43b353169a03dcd3214fd28895d1ed5b3fcbb7bf638dc7c6bd8b01a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://clickandsmile.cz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 17 Aug 2022 02:00:58 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Referrer-Policy: strict-origin
Server: Apache
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: application/json
Access-Control-Allow-Origin: https://clickandsmile.cz
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
X-XSS-Protection: 1; mode=block

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 64ms
31ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/assets/vendor/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5005b52561546daefee40250b95520fceea4581e93f2b78b08e093f424eb995f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: oiqG1vFMb3wVBNHf0bDbXg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: gYfL5lf8Kbb4fi5L/OrhlvL4JNT5OIJsIo5NXS9L1XiG13iuqB7AYJcjxXjEB4L9Hu5h1SecbCzFyQecCs6euw==
x-fb-content-md5: da7286328e39e59576f172f08e0e5500
x-frame-options: DENY
date: Wed, 17 Aug 2022 02:00:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "07996ca640e284ef9dddc5a858681da6"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 17 Aug 2022 02:19:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 83ms
20ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6695124-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3301
date: Wed, 17 Aug 2022 01:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 17 Aug 2022 03:05:57 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 102ms
44ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=349609238832018&input_token&origin=1&redirect_uri=https%3A%2F%2Fclickandsmile.cz%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 8bUFdN8EO3pcHexys9S1jhJSf2JnGJ8C6txYENTyMDoULDKz68u2CSMlD2bVDO8rh9ZdMjp4mgzeG9uSzKo15A==
fb-s: unknown
date: Wed, 17 Aug 2022 02:00:58 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://clickandsmile.cz
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 81ms
24ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=349609238832018&ev=fb_page_view&dl=https%3A%2F%2Fclickandsmile.cz%2F&rl=&if=false&ts=1660701658003&sw=1600&sh=1200&at=

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 02:00:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 17 Aug 2022 02:00:58 GMT

POST collect
www.google-analytics.com/j/ 0
0

GET
H/1.1 200
OK 412_preview.jpg
clickandsmile.blob.core.windows.net/public/images/galprev/ 17 KB
18 KB 445ms
45ms Image
application/octet-stream 52.239.194.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickandsmile.blob.core.windows.net/public/images/galprev/412_preview.jpg
Requested by: Host: clickandsmile.cz
URL: https://clickandsmile.cz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.194.100 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0a1c06d9589b1cc8971d38a49b98eca6321bccf46f8785538df2bf2201a66039

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 17 Aug 2022 02:00:58 GMT
Last-Modified: Mon, 15 Aug 2022 05:51:28 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: P9tC2SsZ9Z41GudDMY7auA==
ETag: 0x8DA7E823247A7AF
Content-Type: application/octet-stream
x-ms-request-id: 8361da48-e01e-0054-3ddd-b1410a000000
x-ms-version: 2009-09-19
Content-Length: 17678

GET
H/1.1 200
OK 220723_frantoly_000.jpg
clickandsmile.blob.core.windows.net/220723frantoly/galthumb/ 14 KB
15 KB 451ms
46ms Image
application/octet-stream 52.239.194.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickandsmile.blob.core.windows.net/220723frantoly/galthumb/220723_frantoly_000.jpg
Requested by: Host: clickandsmile.cz
URL: https://clickandsmile.cz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.194.100 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3e5b5bc9000131f5896a74782a7a74852bada6cd4a5b19e25ece30bb0803390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 17 Aug 2022 02:00:57 GMT
Last-Modified: Sun, 24 Jul 2022 11:02:09 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 3QgPsZTSZQnpv1qd9in6EA==
ETag: 0x8DA6D63F458205A
Content-Type: application/octet-stream
x-ms-request-id: 5ad8a832-d01e-001b-30dd-b11b04000000
x-ms-version: 2009-09-19
Content-Length: 14437

GET
H/1.1 200
OK 406_preview.jpg
clickandsmile.blob.core.windows.net/public/images/galprev/ 19 KB
19 KB 457ms
49ms Image
application/octet-stream 52.239.194.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickandsmile.blob.core.windows.net/public/images/galprev/406_preview.jpg
Requested by: Host: clickandsmile.cz
URL: https://clickandsmile.cz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.194.100 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6d64b247c1ec835887604b27dfb32ec22d4608a6092e1d9bb6659bef84e4a25d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 17 Aug 2022 02:00:57 GMT
Last-Modified: Sun, 29 May 2022 15:24:10 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 0WqZDNQTkZwbB/m1nng4DA==
ETag: 0x8DA41874790425B
Content-Type: application/octet-stream
x-ms-request-id: 920ab94d-201e-001c-0bdd-b1ca0a000000
x-ms-version: 2009-09-19
Content-Length: 19288

GET
H/1.1 200
OK gray260.png
clickandsmile.cz/assets/img/ 290 B
2 KB 27ms
27ms Image
image/png 2a0f:b140:10:ec08::11
CESAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clickandsmile.cz/assets/img/gray260.png

Requested by

Host: clickandsmile.cz
URL: https://clickandsmile.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a0f:b140:10:ec08::11 , Czech Republic, ASN50067 (CESAL, CZ),

Reverse DNS

Software

Apache /

Resource Hash

f8f9f96e093879e0da7284f643de3a8bc7d3ec95c6726c89416617244ee3992c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://clickandsmile.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 02:00:58 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 13 May 2022 06:59:09 GMT
Server: Apache
ETag: "122-5dedf360da391"
X-Frame-Options: DENY
Content-Type: image/png
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 290
X-XSS-Protection: 1; mode=block

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
31 B 71ms
47ms XHR
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=349609238832018&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c66d019d24a88%26domain%3Dclickandsmile.cz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fclickandsmile.cz%252Ff3d6da207da01a8%26relation%3Dparent.parent&current_url=https%3A%2F%2Fclickandsmile.cz%2F&event_name=chat_plugin_sdk_facade_create&greeting_dialog_delay=4&greeting_dialog_display=fade&is_loaded_by_facade=true&loading_time=0&locale=cs_CZ&log_id=1b2d214d-2804-42d7-aae0-17ef207ffd9f&logged_in_greeting=Dobr%C3%BD%20den!%20N%C3%A1%C5%A1%20fotokoutek%20m%C5%AF%C5%BEete%20m%C3%ADt%20u%C5%BE%20za%207990K%C4%8D!%20M%C3%A1te%20n%C4%9Bjakou%20ot%C3%A1zku%3F%20Napi%C5%A1te!&logged_out_greeting=Dobr%C3%BD%20den!%20N%C3%A1%C5%A1%20fotokoutek%20m%C5%AF%C5%BEete%20m%C3%ADt%20u%C5%BE%20za%207990K%C4%8D!%20M%C3%A1te%20n%C4%9Bjakou%20ot%C3%A1zku%3F%20Napi%C5%A1te!&page_id=454478081311127&request_time=1660701658546&sdk=joey&suppress_http_code=1&theme_color=%230084ff

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://clickandsmile.cz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: NAbJvnhTlDnTsJRu/fKyoAOp50Okx/6ekSTT3ZB8leVmNnHpsOzcCAQZInxXs85wgzDDrtDFFqjQgy5Zr0sAyw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Aug 2022 02:00:58 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://clickandsmile.cz
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rlafr: 0
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/facade/ 1 KB
781 B 88ms
65ms XHR
application/json 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/facade/?app_id=349609238832018&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c66d019d24a88%26domain%3Dclickandsmile.cz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fclickandsmile.cz%252Ff3d6da207da01a8%26relation%3Dparent.parent&current_url=https%3A%2F%2Fclickandsmile.cz%2F&greeting_dialog_delay=4&greeting_dialog_display=fade&is_loaded_by_facade=true&locale=cs_CZ&log_id=1b2d214d-2804-42d7-aae0-17ef207ffd9f&logged_in_greeting=Dobr%C3%BD%20den!%20N%C3%A1%C5%A1%20fotokoutek%20m%C5%AF%C5%BEete%20m%C3%ADt%20u%C5%BE%20za%207990K%C4%8D!%20M%C3%A1te%20n%C4%9Bjakou%20ot%C3%A1zku%3F%20Napi%C5%A1te!&logged_out_greeting=Dobr%C3%BD%20den!%20N%C3%A1%C5%A1%20fotokoutek%20m%C5%AF%C5%BEete%20m%C3%ADt%20u%C5%BE%20za%207990K%C4%8D!%20M%C3%A1te%20n%C4%9Bjakou%20ot%C3%A1zku%3F%20Napi%C5%A1te!&page_id=454478081311127&request_time=1660701658546&sdk=joey&suppress_http_code=1&theme_color=%230084ff

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a63ca15447b82f976e95aa2f756e7f0c35a014181fdfdd266304d6900b6ee780

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://clickandsmile.cz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: WXdlGuIzErpgWb6H0FLhfVorf2dQQxqKryL/H7rwAj4xo2M80MqEVhlv1VbsA+Fh8QhiEJyo0tc0NMm92ip/rQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Aug 2022 02:00:58 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://clickandsmile.cz
vary: Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
25 B 70ms
50ms XHR
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=349609238832018&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2638978fe18978%26domain%3Dclickandsmile.cz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fclickandsmile.cz%252Ff3d6da207da01a8%26relation%3Dparent.parent&current_url=https%3A%2F%2Fclickandsmile.cz%2F&event_name=chat_plugin_sdk_facade_create&greeting_dialog_delay=4&greeting_dialog_display=fade&is_loaded_by_facade=true&loading_time=0&locale=cs_CZ&log_id=5db0a467-56a8-4889-85cd-f0507cb8c0b5&logged_in_greeting=Dobr%C3%BD%20den!%20N%C3%A1%C5%A1%20fotokoutek%20m%C5%AF%C5%BEete%20m%C3%ADt%20u%C5%BE%20za%207990K%C4%8D!%20M%C3%A1te%20n%C4%9Bjakou%20ot%C3%A1zku%3F%20Napi%C5%A1te!&logged_out_greeting=Dobr%C3%BD%20den!%20N%C3%A1%C5%A1%20fotokoutek%20m%C5%AF%C5%BEete%20m%C3%ADt%20u%C5%BE%20za%207990K%C4%8D!%20M%C3%A1te%20n%C4%9Bjakou%20ot%C3%A1zku%3F%20Napi%C5%A1te!&page_id=454478081311127&request_time=1660701658550&sdk=joey&suppress_http_code=1&theme_color=%230084ff

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://clickandsmile.cz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: gSZqSqDdz4Y1JcNQg4f+dHA0c1iGqXsgLWP0Z7Bygg4OVYcnHWWh5o/9VN29kIAb0pwiwNpb3wB0iEDwPbR6tg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Aug 2022 02:00:58 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://clickandsmile.cz
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/facade/ 1 KB
781 B 80ms
60ms XHR
application/json 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/facade/?app_id=349609238832018&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2638978fe18978%26domain%3Dclickandsmile.cz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fclickandsmile.cz%252Ff3d6da207da01a8%26relation%3Dparent.parent&current_url=https%3A%2F%2Fclickandsmile.cz%2F&greeting_dialog_delay=4&greeting_dialog_display=fade&is_loaded_by_facade=true&locale=cs_CZ&log_id=5db0a467-56a8-4889-85cd-f0507cb8c0b5&logged_in_greeting=Dobr%C3%BD%20den!%20N%C3%A1%C5%A1%20fotokoutek%20m%C5%AF%C5%BEete%20m%C3%ADt%20u%C5%BE%20za%207990K%C4%8D!%20M%C3%A1te%20n%C4%9Bjakou%20ot%C3%A1zku%3F%20Napi%C5%A1te!&logged_out_greeting=Dobr%C3%BD%20den!%20N%C3%A1%C5%A1%20fotokoutek%20m%C5%AF%C5%BEete%20m%C3%ADt%20u%C5%BE%20za%207990K%C4%8D!%20M%C3%A1te%20n%C4%9Bjakou%20ot%C3%A1zku%3F%20Napi%C5%A1te!&page_id=454478081311127&request_time=1660701658550&sdk=joey&suppress_http_code=1&theme_color=%230084ff

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a63ca15447b82f976e95aa2f756e7f0c35a014181fdfdd266304d6900b6ee780

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://clickandsmile.cz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: tx6dxlTUSQHF3k0YLZYXEMfO+pxYv7BA1+S+rPSbXxxBFZIZ/j/TPCSE+aCmxypHe5B3MK2CUjFHgueQiL3R4Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Aug 2022 02:00:58 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://clickandsmile.cz
vary: Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rlafr: 0
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
25 B 48ms
48ms XHR
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=349609238832018&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2638978fe18978%26domain%3Dclickandsmile.cz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fclickandsmile.cz%252Ff3d6da207da01a8%26relation%3Dparent.parent&current_url=https%3A%2F%2Fclickandsmile.cz%2F&event_name=chat_plugin_sdk_facade_load&greeting_dialog_delay=4&greeting_dialog_display=fade&is_loaded_by_facade=true&loading_time=83&locale=cs_CZ&log_id=5db0a467-56a8-4889-85cd-f0507cb8c0b5&logged_in_greeting=Dobr%C3%BD%20den!%20N%C3%A1%C5%A1%20fotokoutek%20m%C5%AF%C5%BEete%20m%C3%ADt%20u%C5%BE%20za%207990K%C4%8D!%20M%C3%A1te%20n%C4%9Bjakou%20ot%C3%A1zku%3F%20Napi%C5%A1te!&logged_out_greeting=Dobr%C3%BD%20den!%20N%C3%A1%C5%A1%20fotokoutek%20m%C5%AF%C5%BEete%20m%C3%ADt%20u%C5%BE%20za%207990K%C4%8D!%20M%C3%A1te%20n%C4%9Bjakou%20ot%C3%A1zku%3F%20Napi%C5%A1te!&page_id=454478081311127&request_time=1660701658633&sdk=joey&suppress_http_code=1&theme_color=%230084ff

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://clickandsmile.cz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: sjZRBex4+ONa1dNH8Ayw45bEd61b4+JCUWriDQ3Be4V0pU5knvAOpt/czFUOWOJj/q/B7Wju6vnaVRb2w7gzIw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Aug 2022 02:00:58 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://clickandsmile.cz
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
25 B 49ms
49ms XHR
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=349609238832018&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c66d019d24a88%26domain%3Dclickandsmile.cz%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fclickandsmile.cz%252Ff3d6da207da01a8%26relation%3Dparent.parent&current_url=https%3A%2F%2Fclickandsmile.cz%2F&event_name=chat_plugin_sdk_facade_load&greeting_dialog_delay=4&greeting_dialog_display=fade&is_loaded_by_facade=true&loading_time=93&locale=cs_CZ&log_id=1b2d214d-2804-42d7-aae0-17ef207ffd9f&logged_in_greeting=Dobr%C3%BD%20den!%20N%C3%A1%C5%A1%20fotokoutek%20m%C5%AF%C5%BEete%20m%C3%ADt%20u%C5%BE%20za%207990K%C4%8D!%20M%C3%A1te%20n%C4%9Bjakou%20ot%C3%A1zku%3F%20Napi%C5%A1te!&logged_out_greeting=Dobr%C3%BD%20den!%20N%C3%A1%C5%A1%20fotokoutek%20m%C5%AF%C5%BEete%20m%C3%ADt%20u%C5%BE%20za%207990K%C4%8D!%20M%C3%A1te%20n%C4%9Bjakou%20ot%C3%A1zku%3F%20Napi%C5%A1te!&page_id=454478081311127&request_time=1660701658639&sdk=joey&suppress_http_code=1&theme_color=%230084ff

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/cs_CZ/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://clickandsmile.cz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: OGtGpdTSean9eSd9ptjzTKJ28cMfCNxZmZVC8gDRGxjstHGBEiyq04FGa2Y67GdckP3rq/hRS4BRGk+M+GQ3zg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 17 Aug 2022 02:00:58 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://clickandsmile.cz
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rlafr: 0
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1901282635&t=pageview&_s=1&dl=https%3A%2F%2Fclickandsmile.cz%2F&ul=en-us&de=UTF-8&dt=Click%20and%20Smile%20-%20fotobudka%2C%20kterou%20si%20zamilujete%20%7C%20Fotokoutek%20Click%20and%20Smile&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=459860823&gjid=671633796&cid=359242467.1660701658&tid=UA-6695124-10&_gid=1104495977.1660701658&_r=1&gtm=2ou8f0&z=2103880440

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clickandsmile.cz/	1970-01-20 14:54:21	Name: _ga Value: GA1.2.359242467.1660701658
.clickandsmile.cz/	1970-01-20 05:19:48	Name: _gid Value: GA1.2.1104495977.1660701658
.clickandsmile.cz/	1970-01-20 05:18:21	Name: _gat_gtag_UA_6695124_10 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.google-analytics.com/analytics.js(Line 43) Message: Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1901282635&t=pageview&_s=1&dl=https%3A%2F%2Fclickandsmile.cz%2F&ul=en-us&de=UTF-8&dt=Click%20and%20Smile%20-%20fotobudka%2C%20kterou%20si%20zamilujete%20%7C%20Fotokoutek%20Click%20and%20Smile&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=459860823&gjid=671633796&cid=359242467.1660701658&tid=UA-6695124-10&_gid=1104495977.1660701658&_r=1&gtm=2ou8f0&z=2103880440' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; frame-ancestors 'none'; frame-src 'self' https://www.google.com https://www.facebook.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://connect.facebook.net 'unsafe-inline' about:; img-src 'self' data: blob: https://clickandsmile.blob.core.windows.net https://stats.g.doubleclick.net https://cdn.jsdelivr.net https://www.google-analytics.com https://www.google.cz https://www.google.com https://www.facebook.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com data:; connect-src 'self' https://api.clickandsmile.cz https://www.facebook.com https://connect.facebook.net https://graph.facebook.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.clickandsmile.cz
cdn.jsdelivr.net
cdnjs.cloudflare.com
clickandsmile.blob.core.windows.net
clickandsmile.cz
connect.facebook.net
fonts.googleapis.com
mw.clickandsmile.cz
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.google-analytics.com
2606:4700::6811:190e
2a00:1450:4001:800::2008
2a00:1450:4001:812::200a
2a00:1450:4001:830::200e
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::485
2a0f:b140:10:ec08::11
52.239.194.100
0a1c06d9589b1cc8971d38a49b98eca6321bccf46f8785538df2bf2201a66039
10458a79ff02f013cf3e8ff1149e707bf2d26178a29277da89d99a6f5b8c3c9f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b720060960842f6603e4b0d4036e3bf177f09ad527c20c5c2edacda5b74a06a
1d4cebfd58f362360c86f57bfb4050cb5495c347391d69be7fd7864ad694726f
2c332975e8f9dca81cf1cdb1044fa6d3786a93648b689e565132e7b19aa83c84
4489318c97db05b81baa910761f98964a48291aff28f035272fd7eee1f401479
4812d4e2fbfa080ea51ec6755f24dd8728c9c428cf89ffd34648e7b321801a71
4ae9e0cbf1613f2846781e866dcfd5a11c35d4ac6c8d50c5f5e4949614eb96c5
4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72
4d0ea242e9517738b2bae167732f6c6d60a7c289e732cb56c9906a826174b8ef
5005b52561546daefee40250b95520fceea4581e93f2b78b08e093f424eb995f
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
533a107bf43b353169a03dcd3214fd28895d1ed5b3fcbb7bf638dc7c6bd8b01a
6015354ab53150fad4543d94afe9ee657d6e632f7502ffdbfef45c2a40be6d0b
60b14e000436dd1b017e993a74ea4f5884c6a2f37424ccb94c197f92a0c90e73
6cb3541f348c12fc41868cac044ec45d8948ae6a3bfa7ec5e2826b6b522039a3
6d64b247c1ec835887604b27dfb32ec22d4608a6092e1d9bb6659bef84e4a25d
734b9c920ca443dbf993e22a56264e64a738ec99fb2908a5e3f30fdf2480dc5f
78f54d337493f56fa77b4e16d1cd72823770b67a1694f9ec967c2c3a0dbcc6e4
8d259cecae70aadb38349aa729b390706554f66898d34889e039e4f38d51ae24
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8f3600d63f82fc0153489e5f6a58fd263f22402066266bc5f42fea0b742a1f4e
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a604d547effee6f530fcd5d30bc7bb8c06459f22256c688fbe6f7535aa28e154
a63ca15447b82f976e95aa2f756e7f0c35a014181fdfdd266304d6900b6ee780
b70e7fc0877517ee0bc941766499e94681cd5c9eba8eb2b720685fab82e12e36
c22f348443f50967866cfba52f5a832cca7bfaa060c587e4de0937db8301bc53
cbe65c40ace6bbde94b07e95760c745744b1b2ff66f303cb03194fdcd5fd6b76
d30e44e5369c16757faec2471f3c3e01ba93a2fc816097d59b5332fa20880189
d5a51e7f688b8d2ef35d7e3d775a0496159603d08db65275a19ef173f9b724f3
d8b4851ea33d961d5f2dd8e241db17b2881832a8bcdd50d984ae84a87406805c
d9032208276db87ed87b922db4e02123c5b73977f9beab0f3a46557cd4d750fc
de4a8ebe448e5411145a719ee19a8e3e2313cea60d73721227979a1ef5e38f01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5b5bc9000131f5896a74782a7a74852bada6cd4a5b19e25ece30bb0803390
f4280de3d260d11ce10bc31f1098ea058a2fb971a75f979603a4f8729258ca85
f5674d6dafbbc56476777d9d7315cd552b72555ec3b3aca3ff7fe6a1a370e6be
f78ae933db986ca44ff2b01aa3fb23707769ca22bba9367a71238dd929a45645
f8f9f96e093879e0da7284f643de3a8bc7d3ec95c6726c89416617244ee3992c
fddca7fde04c99e978652546d9eafabd16b10aeece82fbd53d1ffbec692b2c7f
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

clickandsmile.cz Open in urlscan Pro 2a0f:b140:10:ec08::11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

89 %HTTPS

89 %IPv6

9 Domains

11 Subdomains

10 IPs

5 Countries

698 kBTransfer

1412 kBSize

3 Cookies

12 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

clickandsmile.cz Open in urlscan Pro
2a0f:b140:10:ec08::11 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

89 %
HTTPS

89 %
IPv6

9
Domains

11
Subdomains

10
IPs

5
Countries

698 kB
Transfer

1412 kB
Size

3
Cookies

54 HTTP transactions
0 data transactions