- Resource
- https://www.googletagmanager.com/gtm.js?id=GTM-PP52DD&l=dataLayerV2
- Description
- [Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/loader.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
| Content Security Policy | Controls resources the user agent is allowed to load for a given page.
Click to learn more... |
- Resource
- https://cdn-4.convertexperiments.com/static/v1/signals.observer.min.js
- Description
- [Report Only] Refused to create a worker from 'blob:https://www.drmax.cz/d185fe53-f55f-4916-ae8d-e4aed6954261' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'worker-src' was not explicitly set, so 'default-src' is used as a fallback.
| Content Security Policy | Controls resources the user agent is allowed to load for a given page.
Click to learn more... |
- Resource
- https://www.drmax.cz/
- Description
- [Report Only] Refused to create a worker from 'blob:https://www.drmax.cz/d185fe53-f55f-4916-ae8d-e4aed6954261' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'worker-src' was not explicitly set, so 'default-src' is used as a fallback.
| Content Security Policy | Controls resources the user agent is allowed to load for a given page.
Click to learn more... |
- Resource
- https://web.cmp.usercentrics.eu/ui/loader.js
- Description
- [Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
| Content Security Policy | Controls resources the user agent is allowed to load for a given page.
Click to learn more... |
- Resource
- https://web.cmp.usercentrics.eu/ui/loader.js
- Description
- [Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
| Content Security Policy | Controls resources the user agent is allowed to load for a given page.
Click to learn more... |
- Resource
- https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js
- Description
- [Report Only] Refused to connect to 'https://v1.api.service.cmp.usercentrics.eu/latest/core/_9-1Z62sbLkx-Z' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
| Content Security Policy | Controls resources the user agent is allowed to load for a given page.
Click to learn more... |
- Resource
- https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js
- Description
- [Report Only] Refused to connect to 'https://v1.api.service.cmp.usercentrics.eu/latest/core/_9-1Z62sbLkx-Z' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
| Content Security Policy | Controls resources the user agent is allowed to load for a given page.
Click to learn more... |
- Resource
- https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js
- Description
- [Report Only] Refused to connect to 'https://v1.api.service.cmp.usercentrics.eu/latest/1/cmp/cs/GDPR/_9-1Z62sbLkx-Z/7.1.4/7.1.4' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
| Content Security Policy | Controls resources the user agent is allowed to load for a given page.
Click to learn more... |
- Resource
- https://web.cmp.usercentrics.eu/ui/v/3.28.3/BrowserSdk.lib.a6384558.js
- Description
- [Report Only] Refused to connect to 'https://v1.api.service.cmp.usercentrics.eu/latest/1/cmp/cs/GDPR/_9-1Z62sbLkx-Z/7.1.4/7.1.4' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
| Content Security Policy | Controls resources the user agent is allowed to load for a given page.
Click to learn more... |
- Resource
- https://web.cmp.usercentrics.eu/ui/loader.js
- Description
- [Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/v/3.28.3/GdprCmpController.5b3825a7.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
| Content Security Policy | Controls resources the user agent is allowed to load for a given page.
Click to learn more... |
- Resource
- https://web.cmp.usercentrics.eu/ui/loader.js
- Description
- [Report Only] Refused to load the script 'https://web.cmp.usercentrics.eu/ui/v/3.28.3/GdprCmpController.5b3825a7.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
| Content Security Policy | Controls resources the user agent is allowed to load for a given page.
Click to learn more... |
- Resource
- https://www.drmax.cz/_nuxt/vendors/app/bf0052596e97f6be8164.js
- Description
- [Report Only] Refused to connect to 'https://consent-api.service.consent.usercentrics.eu/consent/uw/3' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
| Content Security Policy | Controls resources the user agent is allowed to load for a given page.
Click to learn more... |
- Resource
- https://www.drmax.cz/_nuxt/vendors/app/bf0052596e97f6be8164.js
- Description
- [Report Only] Refused to connect to 'https://consent-api.service.consent.usercentrics.eu/consent/uw/3' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.algolia.net *.algolianet.com *.clarity.ms *.cookiebot.com *.drmax-cz.space *.drmax-gl.space *.drmax-gl.dev *.drmax-sk.space *.drmax.cz *.drmax.net *.drmax.sk *.drmax.zone *.drmax-gl.live *.facebook.com *.facebook.net *.fbcdn.net *.google-analytics.com *.google.com *.googleapis.com *.hotjar.com *.hotjar.io *.instagram.com *.sentry.io *.twitter.com api.luigisbox.com api.mailkit.eu backend.drmax-cz.space bam.eu01.nr-data.net bat.bing.com c.imedia.cz c.seznam.cz cdn.jsdelivr.net cdn.luigisbox.com cdn.speedcurve.com cdn-4.convertexperiments.com cdp.drmax.meiro.io drmax-events.persoo.app drmaxczeepmhub.azurewebsites.net drmaxczeepmhubtest.azurewebsites.net dynamic.criteo.com events.drmax.cz fledge.eu.criteo.com fonts.gstatic.com googleads.g.doubleclick.net gum.criteo.com image-resizer-svc.drmax-gl.live image-resizer-svc.drmax-gl.space insights.algolia.io js-agent.newrelic.com measurement-api.criteo.com meiro.drmax.cz pagead2.googlesyndication.com placement-service.drmax-gl.live placement-service.drmax-gl.space rtp.persoo.ai s2.adform.net scripts.persoo.cz search-service.drmax-gl.space signals.convertexperiments.com sslwidget.criteo.com static.cloudflareinsights.com static.criteo.net stats.g.doubleclick.com stats.g.doubleclick.net td.doubleclick.net track.adform.net u.mailkit.eu unpkg.com www.google.cz www.googleoptimize.com www.googletagmanager.com www.gstatic.com www.recaptcha.net www.youtube-nocookie.com www.youtube.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
| Content Security Policy | Controls resources the user agent is allowed to load for a given page.
Click to learn more... |