Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: https://embed.calendar.mail.ru
Connection: keep-alive
Content-Security-Policy: default-src *.mail.ru *.imgsmail.ru *.yadro.ru *.vimeo.com *.youtube.com *.yandex.ru *.facebook.com *.vk.com *.odnoklassniki.ru ok.ru *.ok.ru *.tns-counter.ru; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru *.imgsmail.ru *.yadro.ru *.yandex.ru *.facebook.com *.vk.com *.twitter.com *.youtube.com *.odnoklassniki.ru ok.ru *.ok.ru *.tns-counter.ru www.google-analytics.com; style-src 'unsafe-inline' *.mail.ru *.imgsmail.ru *.youtube.com; img-src data: *; report-uri https://cspreport.mail.ru/calendar/;
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Oct 2017 15:55:33 GMT
Server: nginx/1.9.2
Strict-Transport-Security: max-age=31556926
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: Calendar.mail.ru/2.60.4
X-Xss-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection