Server | nginx |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-Frame-Options | SAMEORIGIN |
X-Powered-By | Nette Framework |
Vary | Accept-Encoding, X-Requested-With |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Referrer-Policy | strict-origin |
Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://ajax.googleapis.com https://*.google-analytics.com https://*.disqus.com https://*.disquscdn.com https://disqus.com https://*.addthis.com https://*.addthisedge.com; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://*.disquscdn.com https://fonts.googleapis.com; img-src 'self' https://www.google-analytics.com https://www.gstatic.com https://*.disquscdn.com https://referrer.disqus.com https://static.flattr.net https://*.shields.io data:; font-src 'self' https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com data:; child-src 'self' https://disqus.com https://*.flattr.com https://*.addthis.com; connect-src 'self' https://*.addthis.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://jiripudil.report-uri.io/r/default/csp/enforce |
Public-Key-Pins | pin-sha256="0cK+vFMyHEzhCKO34Lxc183esKsrkw49XPCaMVgABQk="; pin-sha256="WL7sFv3rvZELMrpS0uyQjEdUhxpiBQdlnB/5nakoI6A="; pin-sha256="dH7/VFQByrQMp5MaJCGhMMRGzZckPFlOqJCoxDCBgRM="; includeSubdomains; max-age=2592000; report-uri="https://jiripudil.report-uri.io/r/default/hpkp/enforce" |
Expect-CT | max-age=0, report-uri="https://jiripudil.report-uri.io/r/default/ct/reportOnly" |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Content-Encoding | gzip |