Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Referrer-Policy | origin-when-cross-origin, strict-origin-when-cross-origin |
X-Frame-Options | DENY |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Content-Security-Policy | default-src 'self'; img-src 'self' data: *.go2affise.com *.facebook.net *.facebook.com www.google.com google.com www.google.ru google.ru stats.g.doubleclick.net mc.yandex.ru www.google-analytics.com google-analytics.com *.fbcdn.net *.twimg.com *.googleusercontent.com *.xingassets.com vk.com *.yimg.com secure.gravatar.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com maxcdn.bootstrapcdn.com cdn.jsdelivr.net fonts.googleapis.com; font-src 'self' fonts.gstatic.com fonts.googleapis.com cdnjs.cloudflare.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.yastatic.net yastatic.net *.go2affise.com *.facebook.net *.facebook.com mc.yandex.ru www.google-analytics.com google-analytics.com clef.io cdnjs.cloudflare.com; connect-src 'self' mc.yandex.ru twitter.com *.xing.com; frame-src clef.io; |
X-Permitted-Cross-Domain-Policies | master-only |
Via | 1.1 google |
Alt-Svc | clear |
Server | cloudflare-nginx |
CF-RAY | 3bd1d5dd9fe93fa7-YUL |
Content-Encoding | gzip |