Set-Cookie: PHPSESSID=nurke1259kq03a7808crf9ibs0; path=/
object-src 'none'
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=15768000;
X-Frame-Options: SAMEORIGIN
Public-Key-Pins: pin-sha256="NH/JPHe68eWU9NT/p0Crauxsd+4HbvUV1N7Ak2KcJFk="; pin-sha256="ss5qqAYA11SHSQkWdPsV5L57x2FvQ2Haggvxcnb1uC0="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="QAVW7Jj5JXTp3mLxtcYrme/kqAFqKXcGCugJgNRqeXE="; max-age=15768000;
script-src 'self' https://*.google-analytics.com https://*.top100.ru https://*.yandex.ru 'unsafe-inline' 'unsafe-eval' https://*.google-analytics.com https://*.googleapis.com https://*.yadro.ru https://openstat.net;
Server: nginx
img-src 'self' https://i0.wp.com https://front.facetz.net https://*.rambler.ru https://*.g.doubleclick.net https://*.yandex.ru https://*.google-analytics.com https://*.googleapis.com https://*.gravatar.com https://*.yadro.ru https://openstat.net;
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' https://i0.wp.com https://*.yandex.ru https://*.google-analytics.com https://*.top100.ru https://*.googleapis.com https://*.gravatar.com https://*.yadro.ru https://openstat.net;
HTTP/1.1 200 OK
Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
child-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com;
Connection: keep-alive
X-Content-Type-Options: nosniff
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com;
Date: Wed, 17 May 2017 23:04:34 GMT
X-XSS-Protection: 1; mode=block
font-src 'self' https://themes.googleusercontent.com;