Vary: Accept-Encoding
X-Frame-Options: ALLOW-FROM http://metrika.yandex.ru
Set-Cookie: _otzovy_session=VEdRVUpPSGZYanFsVzlwd1hhaUpvWFlVT0N5SUxCYXkzWm9HRHR2Sngzem5RMGJVSGI0ODdwbndvM2VKczVrK1lwbzJwYzNNQ2J4UFB3amJIY0lNSTU0VmxseVozNkxkcUJhZjZYSnNIZERxRk5SaXlJbGFsTkdFMWtTYTh5d2lFZVlXV2hZUEtLWC8wQmtDRWVqQ1pBPT0tLUFaNFB2cDJmemdRZHJNVTlvTFlPOEE9PQ%3D%3D--d2506915d3fb81c0a3cad22927550032335330ac; domain=.otzovy.ru; path=/; HttpOnly
Status: 200 OK
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: comments_view_token=ca725839a8e3b53ee48c6c591b17a149; path=/; expires=Thu, 25 May 2017 03:10:12 -0000
Cache-Control: max-age=0, private, must-revalidate
X-Permitted-Cross-Domain-Policies: none
HTTP/1.1 200 OK
X-Request-Id: ace192fc-1e57-4f68-9763-07dc91f1a0ae
X-Rack-Cache: miss
Content-Security-Policy: default-src http: 'self' https:; connect-src http: 'self' https: js-agent.newrelic.com yandex.ru *.googleadservices.com *.mediasaturnrussia.ru *.mmr.ms yastatic.net pagead2.googlesyndication.com counter.yadro.ru www.youtube.com *.googlevideo.com *.gstatic.com *.yandex.ru *.yandex.st *.yandex.ua *.yandex.net yandex.net yandex.st yandex.ua *.yastatic.net ssl.google-analytics.com translate.googleapis.com www.google-analytics.com; font-src http: 'self' data: pagead2.googlesyndication.com *.bootstrapcdn.com fonts.gstatic.com themes.googleusercontent.com apps.2gis.ru yastatic.net; frame-src http: 'self' https: st.yandexadexchange.net *.yahoo.com *.yandex.st *.yandex.ua *.yandex.net yandex.st *.yandex.ru *.yastatic.net *.yandex.sc www.youtube.com *.googlesyndication.com *.doubleclick.net *.google.com yastatic.net; img-src data: *; media-src http: 'self' mediastream https:; object-src http: 'self' st.yandexadexchange.net api-maps.yandex.ru yastatic.net *.ytimg.com *.macromedia.com *.adobe.com *.googleapis.com www.youtube.com *.gstatic.com; script-src http: 'self' data: 'unsafe-eval' 'unsafe-inline' https: ad.admitad.com st.yandexadexchange.net yandex.ru *.google.ru *.google.kz ya.ru *.rambler.ru ssl.google-analytics.com js-agent.newrelic.com *.yandex.st *.yandex.ua *.yandex.net yandex.net yandex.st yastatic.net yandex.ua *.yastatic.net www.google-analytics.com liveinternet.ru *.googleapis.com *.google.lv *.google.com *.google.com.ua google.com.ua *.gstatic.com *.googlesyndication.com *.doubleclick.net *.yandex.ru *.google.by; style-src http: 'self' 'unsafe-inline' st.yandexadexchange.net api-maps.yandex.ru translate.googleapis.com fonts.googleapis.com *.bootstrapcdn.com an.yandex.ru yastatic.net googleads.g.doubleclick.net; report-uri http://www.otzovy.ru/csp_reports
X-Powered-By: Phusion Passenger 5.1.2
Date: Thu, 18 May 2017 03:10:12 GMT
X-Runtime: 0.032100
Content-Type: text/html; charset=utf-8
Connection: keep-alive
ETag: W/"a1ea374397eeea16074d836ef94117ed"
Content-Length: 34055
X-Download-Options: noopen
Set-Cookie: the_comment_cookies=JustTheCommentsCookies; path=/; expires=Fri, 18 May 2018 03:10:12 -0000
Server: nginx + Phusion Passenger 5.1.2
Vary: Accept-Encoding