X-Content-Type-Options: nosniff
Set-Cookie: CMSSESSIONID=FxEgFnge9tSZjH2b-nbZYQ__.bik2; Path=/; Secure; HttpOnly
X-Frame-Options: deny
Vary: Accept-Encoding
Server: HTTPD
Content-Security-Policy: default-src 'self' https://maps.googleapis.com http://maps.googleapis.com; font-src 'self' https://fonts.gstatic.com https://maps.googleapis.com http://maps.googleapis.com; style-src 'self' 'unsafe-inline' clients1.google.com https://cse.google.com http://maps.googleapis.com www.google.com https://maps.googleapis.com www.googleapis.com http://cse.google.com https://fonts.googleapis.com; img-src 'self' data: clients1.google.com https://cse.google.com https://stats.g.doubleclick.net https://www.facebook.com https://csi.gstatic.com https://maps.googleapis.com www.googleapis.com https://www.google.pl https://maps.gstatic.com http://maps.googleapis.com http://google.com www.google.com https://www.google-analytics.com http://*.googleusercontent.com http://maps.gstatic.com; frame-src 'self' http://maps.googleapis.com cse.google.com https://www.facebook.com https://maps.googleapis.com https://www.bik.pl https://konto.bik.pl staticxx.facebook.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com https://cse.google.com http://www.google.com http://clients1.google.com http://maps.googleapis.com http://googleapis.com https://www.google-analytics.com https://www.facebook.com connect.facebook.net http://cse.google.com https://*.googleapis.com; object-src 'self' https://maps.googleapis.com http://maps.googleapis.com; connect-src 'self' ;
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: must-revalidate
Date: Sun, 14 May 2017 23:45:07 GMT
HTTP/1.1 200 OK
Content-Length: 28704
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache
Cache-Control: no-store