Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Status | 200 OK |
Cache-Control | max-age=0, private, must-revalidate |
Vary | Accept-Encoding |
Content-Encoding | gzip |
X-Permitted-Cross-Domain-Policies | none |
X-XSS-Protection | 1; mode=block |
X-Request-Id | 274206c6-90d7-48ea-b3e0-5e7b59bf1971 |
X-Download-Options | noopen |
ETag | W/"d39facfaeba75ca47053207af2375a63" |
X-Frame-Options | ALLOW-FROM http://metrika.yandex.ru |
X-Runtime | 0.106420 |
X-Content-Type-Options | nosniff |
Content-Security-Policy | default-src http: 'self'; connect-src http: 'self' https://pagead2.googlesyndication.com https://counter.yadro.ru https://www.youtube.com *.googlevideo.com https://*.gstatic.com https://*.yandex.ru *.yandex.st *.yandex.ua *.yandex.net yandex.net yandex.st https://yandex.st yandex.ru yandex.ua *.yastatic.net yastatic.net https://ssl.google-analytics.com https://translate.googleapis.com https://www.google-analytics.com https://*.yandex.net/; font-src http: 'self' https://*.bootstrapcdn.com https://fonts.gstatic.com https://themes.googleusercontent.com https://apps.2gis.ru; frame-src http: 'self' *.yahoo.com *.yandex.st *.yandex.ua *.yandex.net yandex.net yandex.st https://yandex.st yandex.ru yandex.ua *.yastatic.net yastatic.net yandex.sc www.youtube.com https://www.youtube.com *.googlesyndication.com *.doubleclick.net https://*.doubleclick.net https://*.google.com *.google.com https://yastatic.net https://awaps.yandex.ru; img-src http: 'self' data: https://top-fwz1.mail.ru https://*.yandex.ru https://*.google.no https://*.google.ee https://*.rambler.ru https://da.c8.ba.a1.top.mail.ru https://counter.yadro.ru https://www.google-analytics.com https://*.yandex.net *.yandex.ua *.yandex.net yandex.net yandex.st https://yandex.st yandex.ru yandex.ua *.yastatic.net yastatic.net https://yastatic.net https://2.gravatar.com https://pp.vk.me https://translate.googleapis.com https://www.google.com https://ssl.google-analytics.com https://*.googlesyndication.com https://mail.rambler.ru https://www.facebook.com https://twitter.com https://*.doubleclick.net https://www.google.ru https://stats.g.doubleclick.net https://*.google.com https://*.gstatic.com https://*.google.by https://*.google.kz https://*.google.com.ua top-fwz1.mail.ru; media-src http: 'self' mediastream; object-src http: 'self' *.ytimg.com *.macromedia.com *.adobe.com https://*.adobe.com https://*.googleapis.com *.googleapis.com www.youtube.com https://www.youtube.com *.gstatic.com; script-src http: 'self' data: 'unsafe-eval' 'unsafe-inline' https://ya.ru https://*.rambler.ru https://ssl.google-analytics.com https://js-agent.newrelic.com *.yandex.st *.yandex.ua *.yandex.net yandex.net yandex.st https://yandex.st yandex.ru yandex.ua *.yastatic.net yastatic.net googleads.g.doubleclick.net counter.rambler.ru www.google-analytics.com liveinternet.ru https://api-maps.yandex.ru https://*.googleapis.com https://*.google.com *.google.com *.gstatic.com https://*.gstatic.com https://www.google-analytics.com *.googlesyndication.com https://*.googlesyndication.com *.googleapis.com *.doubleclick.net https://*.yandex.ru *.yandex.ru https://*.yandex.net https://*.google.by; style-src http: 'self' 'unsafe-inline' https://translate.googleapis.com https://fonts.googleapis.com https://*.bootstrapcdn.com https://an.yandex.ru; report-uri http://www.otzovy.ru/csp_reports?enforce=true&app_name=OtzovyRails; |
X-Rack-Cache | miss |
X-Powered-By | Phusion Passenger 5.0.21 |
Server | nginx/1.8.0 + Phusion Passenger 5.0.21 |