Cache-Control: no-store, no-cache, must-revalidate
HTTP/1.1 200 OK
Last-Modified: Sun, 14 May 2017 21:57:48 GMT
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Connection: keep-alive
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=windows-1251
X-Powered-By: PHP/5.3.29
X-Frame-Options: DENY
Date: Tue, 20 Jun 2017 07:47:55 GMT
Server: nginx/1.12.0
Cache-Control: post-check=0, pre-check=0
Expires: Sun, 14 May 2017 21:41:09 GMT
Vary: Accept-Encoding
Content-Security-Policy-Report-Only: report-uri ./index.php?content-security-policy=ok; default-src 'self'; img-src data: *.google.com lasto.com lasto.com/blog voprosotvet.su counter.yadro.ru *.gstatic.com *.2mdn.net *.doubleclick.net *.googleapis.com *.googlesyndication.com 'self'; script-src 'unsafe-inline' https://www.googleapis.com *.google-analytics.com *.google.com *.doubleclick.net https://*.googlesyndication.com *.googlesyndication.com *.gstatic.com 'self'; frame-src https://cse.google.com www.google.com/coop/cse/ https://*.doubleclick.net *.doubleclick.net *.googleadservices.com https://*.googlesyndication.com *.googlesyndication.com *.google.ru *.google.com kset.kz *.youtube.com 'self'; object-src https://cse.google.com www.google.com/coop/cse/ st.kset.kz www.youtube.com googleads.g.doubleclick.net *.googlesyndication.com *.gstatic.com 'self'; connect-src https://cse.google.com www.google.com/coop/cse/ https://translate.googleapis.com 'self'; style-src 'unsafe-inline' https://cse.google.com http://www.google.com *.gstatic.com fonts.googleapis.com 'self'; media-src *; font-src *.googleapis.com *.gstatic.com 'self'; form-action 'self';