Server | Apache/2.4.10 (Debian) |
X-Powered-By | Nette Framework |
X-Content-Type-Options | nosniff |
X-XXS-Protection | 1 |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Frame-Options | DENY |
Expires | Thu, 19 Nov 1981 08:52:00 GMT |
Cache-Control | no-store, no-cache, must-revalidate |
Pragma | no-cache |
Vary | X-Requested-With,Accept-Encoding |
Content-Encoding | gzip |
Content-Security-Policy | default-src 'self'; img-src *; script-src 'self' https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.google-analytics.com *.googleapis.com *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data: |
Keep-Alive | timeout=5, max=100 |
Connection | Keep-Alive |
Content-Type | text/html; charset=utf-8 |