Server | Apache |
X-UA-Compatible | IE=Edge |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Frame-Options | DENY |
X-Content-Type-Options | nosniff |
X-WebKit-CSP | allow 'self'; |
Content-Security-Policy | default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://heliostore.ru/; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://heliostore.ru/ https://www.google-analytics.com https://api-maps.yandex.ru https://money.yandex.ru https://mc.yandex.ru/ https://counter.yadro.ru/ https://yastatic.net https://stats.g.doubleclick.net; style-src 'self' data: 'unsafe-inline' ; img-src 'self' data: https://heliostore.ru/ https://www.google-analytics.com https://api-maps.yandex.ru https://money.yandex.ru https://*.maps.yandex.net https://counter.yadro.ru/ https://mc.yandex.ru/ https://yastatic.net https://stats.g.doubleclick.net; font-src 'self' data: ; connect-src 'self' https://heliostore.ru/ https://www.google-analytics.com https://api-maps.yandex.ru https://counter.yadro.ru/ https://money.yandex.ru https://mc.yandex.ru/ https://stats.g.doubleclick.net; media-src 'self' https://heliostore.ru/ https://www.google-analytics.com https://api-maps.yandex.ru https://counter.yadro.ru/ https://money.yandex.ru https://mc.yandex.ru/ https://stats.g.doubleclick.net; object-src https://heliostore.ru/ https://www.google-analytics.com https://api-maps.yandex.ru https://counter.yadro.ru/ https://money.yandex.ru https://mc.yandex.ru/ https://stats.g.doubleclick.net; child-src https://heliostore.ru/ https://www.google-analytics.com https://api-maps.yandex.ru https://counter.yadro.ru/ https://money.yandex.ru https://mc.yandex.ru/ https://stats.g.doubleclick.net; frame-ancestors 'self' https://heliostore.ru/ https://www.google-analytics.com https://api-maps.yandex.ru https://counter.yadro.ru/ https://money.yandex.ru https://mc.yandex.ru/ https://stats.g.doubleclick.net; form-action 'self' https://heliostore.ru/ https://www.google-analytics.com https://api-maps.yandex.ru https://counter.yadro.ru/ https://money.yandex.ru https://mc.yandex.ru/ https://stats.g.doubleclick.net; upgrade-insecure-requests; reflected-xss block; base-uri https://heliostore.ru/; manifest-src 'self' ; referrer origin; report-uri /csp/rp.php; |
Public-Key-Pins | pin-sha256="3L+w7MJu+kd/Zyv9Dia3mWmGDwhe0DYvVnF8sTFx19U="; pin-sha256="e2yT9ofIHn8Tj/dZhAWAPGbQieuno6irQMb0D83J/rw="; pin-sha256="1qGEQ9NI25lPk0zNjmNdgzonrB5W+K+vfJfLT0Pqtos="; pin-sha256="5C8kvU039KouVrl52D0eZSGf4Onjo4Khs8tmyTlV3nU="; max-age=31536000; includeSubDomains |
Cache-Control | max-age=0, no-cache, must-revalidate |
Pragma | no-cache |
Vary | Accept-Encoding |
Content-Encoding | gzip |
X-XSS-Protection | 1; mode=block |
X-DNS-Prefetch-Control | on |
Keep-Alive | timeout=1, max=15 |
Connection | Keep-Alive |
Content-Type | text/html; Charset=utf-8 |