Server | nginx/1.10.1 |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Cache-Control | no-cache,no-store,must-revalidate |
Pragma | no-cache |
Expires | Sun, 24 Jul 2016 11:54:44 GMT |
Last-Modified | Mon, 24 Jul 2017 14:54:44 GMT |
Content-Security-Policy | default-src mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.gemius.pl *.weborama.fr *.adriver.ru *.serving-sys.com *.moatads.com; script-src 'unsafe-inline' 'unsafe-eval' mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.odnoklassniki.ru ok.ru *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.moatads.com; img-src data: blob: *; style-src 'unsafe-inline' 'unsafe-eval' blob: *.mail.ru *.imgsmail.ru *.mradx.net; font-src data: blob: https: *.mail.ru *.imgsmail.ru *.mradx.net; frame-src mail.ru *.mail.ru *.mradx.net *.doubleverify.com *.doubleclick.net ok.ru *.ok.ru; child-src mail.ru *.mail.ru *.mradx.net *.doubleverify.com *.doubleclick.net ok.ru *.ok.ru; report-uri https://cspreport.mail.ru/splash; |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block; report=https://cspreport.mail.ru/xxssprotection |
X-Content-Type-Options | nosniff |
Strict-Transport-Security | max-age=16070400 |
Content-Encoding | gzip |