Server | nginx |
Content-Type | text/html; charset=windows-1251 |
Connection | keep-alive |
Cache-Control | no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 |
Pragma | no-cache |
Last-Modified | Sun, 06 Mar 2016 11:33:58 GMT |
Content-Encoding | gzip |
Vary | Accept-Encoding |
X-Frame-Options | DENY |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Content-Security-Policy-Report-Only | report-uri //csp.merlion.ru:8080/report/249649222731330733/samsungpromo/; connect-src *.google-analytics.com *.yandex.ru 'self' ; child-src 'self' ; font-src 'self' ; form-action 'self' ; frame-ancestors 'self' ; frame-src *.youtube.com 'self' ; img-src *.google-analytics.com *.yandex.net *.yandex.ru *.merlion.ru 'self' ; media-src 'self' ; object-src 'self' ; script-src *.google-analytics.com *.yandex.net *.yandex.ru 'self' ; style-src *.yandex.net *.yandex.ru 'unsafe-inline' 'self' ; default-src 'none' ; strict-mixed-content-checking; reflected-xss filter; referrer origin-when-cross-origin; |