Server | nginx |
Content-Type | text/html; charset=UTF-8 |
Connection | keep-alive |
X-Powered-By | PHP/5.6.30 |
Vary | Accept-Encoding,Cookie |
Content-Encoding | gzip |
Cache-Control | max-age=3, must-revalidate, max-age=1728000, must-revalidate |
Expires | Mon, 12 Mar 2018 18:29:05 GMT |
X-XSS-Protection | 1; mode=block |
X-Frame-Options | DENY |
Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.wordpress.org wordpress.org *.gravatar.com gravatar.com *.yastatic.net yastatic.net *.google-analytics.com google-analytics.com *.yandex.ru yandex.ru *.yandex.net yandex.st *.yandex.st https://*.yandex.ru *.googleapis.com *.gstatic.com gstatic.com *.cloudflare.com *.google.ru *.yandexadexchange.net *.googlesyndication.com *.doubleclick.net https://*.googleapis.com https://*.gstatic.com https://gstatic.com https://*.googlesyndication.com vk.com *.vk.com https://vk.com https://*.vk.com google.com *.google.com https://google.com https://*.google.com userapi.com ok.ru *.ok.ru akismet.com *.akismet.com; child-src 'self' *.wordpress.org wordpress.org *.gravatar.com gravatar.com *.yastatic.net yastatic.net *.google-analytics.com google-analytics.com *.yandex.ru yandex.ru *.yandex.net yandex.st *.yandex.st https://*.yandex.ru *.googleapis.com *.gstatic.com gstatic.com *.googlesyndication.com *.doubleclick.net *.yandexadexchange.net youtube.ru youtube.com *.youtube.ru *.youtube.com https://youtube.ru https://youtube.com https://*.youtube.ru https://*.youtube.com apis.google.com https://*.googleapis.com https://*.gstatic.com https://gstatic.com https://*.googlesyndication.com https://*.doubleclick.net https://apis.google.com vk.com *.vk.com https://vk.com https://*.vk.com google.com *.google.com https://google.com https://*.google.com ok.ru *.ok.ru akismet.com *.akismet.com; object-src 'self'; img-src 'self' *.yandex.ru *.yandex.net https://*.googlesyndication.com *.google-analytics.com *.doubleclick.net data:; font-src 'self' *.yandex.ru data:; connect-src 'self' *.yandex.ru; style-src 'unsafe-inline' 'unsafe-eval' 'self'; frame-ancestors; |