Open
Cached
·
just now
13
directives
Content-Security-Policy
Content-Security-Policy: connect-src 'self' *.maps.yandex.net api-maps.yandex.ru api.selectel.ru hog.selectel.ru https://chatwoot.selectel.ru wss://chatwoot.selectel.ru https://statuspal.io/api/v2/status_pages/selectel/summary https://*.mindbox.ru https://selectel.ru https://cdn.selectel.ru https://top-fwz1.mail.ru https://web.popmechanic.ru https://metrics.selectel.ru leads.selectel.ru mc.yandex.ru suggest-maps.yandex.ru wss://api.selectel.ru wss://ws.selectel.ru www.youtube.com https://yulixr.ru/ https://hooks.zapier.com/hooks/catch/11509819/ https://hooks.zapier.com/hooks/catch/12416931/ https://script.google.com/a/macros/selectel.com/s/AKfycbzM4er3RoKbPw3cQALGtakLQ7xfTtUk8PETDoXQyYh6kiCLnhu1oO4iCy2CuhT38cGrCA/exec https://files.selectel.ru https://telegram.org/pxl https://core.service.elfsight.com; default-src 'none'; font-src 'self' data: https://cdn.selectel.ru https://6f3bf64a-14d1-4b68-9202-2a000ca072b9.selcdn.net; frame-ancestors 'self' my.selectel.ru promo.selectel.ru go.teachbase.ru learn.selectel.org webvisor.com metrika.yandex.ru; frame-src 'self' api-maps.yandex.ru calc.selectel.ru https://chatwoot.selectel.ru googleads.g.doubleclick.net https://forms.amocrm.ru/ https://player.vimeo.com/ https://vk.com/ www.google.com www.google.ru www.youtube.com https://rutube.ru/ https://kinescope.io/; img-src https: data: blob:; manifest-src 'self'; media-src 'self' https://chatwoot.selectel.ru https://cdn.selectel.ru https://6f3bf64a-14d1-4b68-9202-2a000ca072b9.selcdn.net https://files.selectel.ru; object-src 'self' blob:; report-uri https://relay.selectel.ru/api/87/security/?sentry_key=33110db9255441e5b312279003c189b1 https://relay.selectel.ru/api/20/csp-report/?sentry_key=7af12a7683624269a0cab11188e3d86e; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.maps.yandex.net api-maps.yandex.ru cdn.ampproject.org hog.selectel.ru https://chatwoot.selectel.ru https://cdn.selectel.ru https://6f3bf64a-14d1-4b68-9202-2a000ca072b9.selcdn.net https://cse.google.com/adsense/search/async-ads.js https://cse.google.com/cse.js https://cse.google.com/cse/element/v1 https://s.ytimg.com https://static.popmechanic.ru https://top-fwz1.mail.ru https://vk.com https://www.google.com https://metrics.selectel.ru mc.yandex.ru https://*.mindbox.ru https://widgets.mango-office.ru https://dct.mango-office.ru selectel.ru suggest-maps.yandex.ru www.google.com www.googleadservices.com www.gstatic.com www.youtube.com yastatic.net https://telegram.org/js/pixel.js https://elfsightcdn.com https://universe-static.elfsightcdn.com; style-src 'self' 'unsafe-inline' https://cdn.selectel.ru/ https://6f3bf64a-14d1-4b68-9202-2a000ca072b9.selcdn.net https://chatwoot.selectel.ru https://fonts.googleapis.com https://static.popmechanic.ru https://www.google.com/cse/static/element/ https://www.google.com/cse/static/style/look/v4/espresso.css https://*.mindbox.ru; upgrade-insecure-requests;
connect-src
Keyword
—
'self'
default-src
Keyword
—
'none'
font-src
Keyword
—
'self'
font-src
Scheme
—
data:
font-src
Host
—
frame-ancestors
Keyword
—
'self'
frame-src
Keyword
—
'self'
img-src
Scheme
—
https:
img-src
Scheme
—
data:
img-src
Scheme
—
blob:
manifest-src
Keyword
—
'self'
media-src
Keyword
—
'self'
media-src
Host
—
object-src
Keyword
—
'self'
object-src
Scheme
—
blob:
script-src
Keyword
—
'self'
script-src
Keyword
—
'unsafe-eval'
script-src
Keyword
—
'unsafe-inline'
script-src
Host
—
style-src
Keyword
—
'self'
style-src
Keyword
—
'unsafe-inline'
style-src
Host
—
upgrade-insecure-requests
Source
—
(no sources)
Content-Security-Policy-Report-Only
No report-only CSP headers found.