Server | nginx/1.10.3 |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-Powered-By | Nette Framework |
X-Frame-Options | SAMEORIGIN |
Vary | Accept-Encoding, X-Requested-With |
X-Content-Type-Options | nosniff |
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.googletagmanager.com *.facebook.net *.facebook.com *.doubleclick.net *.google-analytics.com *.google.com *.google.se *.melissatravel.cz *.googleapis.com *.gstatic.com *.youtube.com *.fbcdn.net c.imedia.cz *.google.cz |
X-XSS-Protection | 1; mode=block |
Strict-Transport-Security | max-age=15768000; includeSubDomains |
Content-Encoding | gzip |