Server | nginx |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-Powered-By | Nette Framework |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Strict-Transport-Security | max-age=2592000 |
Referrer-Policy | no-referrer-when-downgrade |
X-Frame-Options | SAMEORIGIN |
Content-Security-Policy | default-src 'none'; script-src maps.googleapis.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com *.g.doubleclick.net *.smartlook.com *.heureka.cz *.zbozi.cz *.facebook.net *.facebook.com c.imedia.cz im9.cz 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' *.kreativni-hratky.cz data: *.googleapis.com *.gstatic.com www.google-analytics.com *.g.doubleclick.net www.google.com www.googleadservices.com *.facebook.net *.facebook.com c.imedia.cz im9.cz *.heureka.cz www.google.cz www.google.de www.google.at www.google.pl www.google.sk www.google.ru www.google.fr www.google.hr www.google.ch www.google.nl www.google.tn www.google.co.uk www.google.co.in; font-src 'self' fonts.googleapis.com fonts.gstatic.com; connect-src 'self' www.google-analytics.com *.smartlook.com im9.cz; media-src 'none'; object-src 'none'; child-src 'none'; frame-src *.facebook.net *.facebook.com *.heureka.cz *.zbozi.cz *.g.doubleclick.net c.imedia.cz www.youtube.com; frame-ancestors 'none'; form-action 'self' *.facebook.com; reflected-xss block; referrer no-referrer; report-uri https://jirihosek.report-uri.io/r/default/csp/enforce; |
Expires | Thu, 19 Nov 1981 08:52:00 GMT |
Cache-Control | no-store, no-cache, must-revalidate |
Pragma | no-cache |
Vary | X-Requested-With |