yoomoney.ru
HTTP check results
HTTP Response Headers
server
Angie
date
Mon, 06 Apr 2026 03:03:14 GMT
content-type
text/html
vary
Accept-Encoding
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
DENY
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
same-origin
x-xss-protection
0
content-security-policy
default-src https://static.yoomoney.ru; base-uri 'none'; object-src 'none'; script-src 'self' 'nonce-Lu29+LD36TK0ADD3szd3HA==' 'strict-dynamic' 'report-sample' https://yoomoney.ru https://*.yoomoney.ru; style-src 'self' 'unsafe-inline' https://static.yoomoney.ru; font-src 'self' https://static.yoomoney.ru https://*.yoomoney.ru https://static.tildacdn.com; img-src 'self' data: https://static.yoomoney.ru https://yoomoney.ru https://*.yoomoney.ru https://ad.adriver.ru https://top-fwz1.mail.ru https://vk.com https://counter.rambler.ru/top100.cnt https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz https://ccomni-ds.yoomoney.ru https://avatars.mds.yandex.net; media-src 'self' https://static.yoomoney.ru; manifest-src 'self' https://static.yoomoney.ru; frame-src 'self' https://yoomoney.ru https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz; child-src 'self'; connect-src 'self' https://yoomoney.ru https://*.yoomoney.ru https://stat.tildacdn.com https://top-fwz1.mail.ru https://privacy-cs.mail.ru https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz https://kraken.rambler.ru/cnt/v2/ https://kraken-mdt.rambler.ru/cnt/v2/ https://yandex.ru https://127.0.0.1 wss://*.yoomoney.ru; form-action 'self' https://*.yoomoney.ru; frame-ancestors 'self' https://yoomoney.ru; upgrade-insecure-requests; block-all-mixed-content; report-to user-promo; report-uri https://yoomoney.ru/user-promo/platform/report-csp;
reporting-endpoints
user-promo="https://yoomoney.ru/user-promo/platform/report-csp", default="https://yoomoney.ru/user-promo/platform/report-csp"
report-to
{"group":"user-promo","max_age":60000,"endpoints":[{"url":"https://yoomoney.ru/user-promo/platform/report-csp"}]}
x-envoy-upstream-service-time
42
cache-control
no-store
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
Security Headers
strict-transport-security
content-security-policy
x-content-type-options
x-frame-options
x-xss-protection
referrer-policy
permissions-policy