Безопасность
X-Frame-Options = DENY
X-XSS-Protection = 1; mode=block
X-Content-Type-Options = nosniff
Strict-Transport-Security = max-age=86400
Referrer-Policy = no-referrer-when-downgrade
X-DNS-Prefetch-Control = on
Контроль доступа
P3P = CP="CAO PSA OUR"
Timing-Allow-Origin = *
Сжатие
Content-Encoding = gzip (application/javascript, application/ld+json, text/javascript, text/css, text/html, text/plain, js, css, json, svg)
Vary = Accept-Encoding
Разное
X-Powered-By = [Unset]
Connection = keep-alive
Content-Type = .svg => image/svg+xml .jsonp => application/javascript
X-Robots-Tag = all