Server | nginx |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
ETag | W/"dde7507daf8f3b423d610a8a77fb0d03" |
Cache-Control | max-age=0, private, must-revalidate |
X-Request-Id | 41347477-fdbc-4156-9bb9-e2a74763e750 |
X-Runtime | 0.009382 |
Content-Security-Policy | default-src 'self'; block-all-mixed-content; child-src www.google.com; font-src 'self' fonts.gstatic.com; form-action 'self' mojeid.cz; frame-src www.google.com; img-src 'self' ssl.gstatic.com; script-src 'self' 'unsafe-eval' www.google.com www.gstatic.com apis.google.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; upgrade-insecure-requests; report-uri /csp_report |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-Frame-Options | DENY |
X-Permitted-Cross-Domain-Policies | none |
X-XSS-Protection | 1; mode=block |
Strict-Transport-Security | max-age=631152000; includeSubdomains; preload, max-age=15768000 |