Server | nginx |
Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-Powered-By | PHP/5.6.29, lols.gg |
content-security-policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' mc.yandex.ru *.google-analytics.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' data: mc.yandex.ru *.google-analytics.com; media-src 'self'; frame-src 'self' mc.yandex.ru; font-src 'self' *.gstatic.com; connect-src 'self' mc.yandex.ru |
x-content-security-policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' mc.yandex.ru *.google-analytics.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' data: mc.yandex.ru *.google-analytics.com; media-src 'self'; frame-src 'self' mc.yandex.ru; font-src 'self' *.gstatic.com; connect-src 'self' mc.yandex.ru |
x-webkit-csp | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' mc.yandex.ru *.google-analytics.com; object-src 'self'; style-src 'self' 'unsafe-inline' *.googleapis.com; img-src 'self' data: mc.yandex.ru *.google-analytics.com; media-src 'self'; frame-src 'self' mc.yandex.ru; font-src 'self' *.gstatic.com; connect-src 'self' mc.yandex.ru |
x-frame-options | SAMEORIGIN |
x-xss-protection | 1; mode=block |