| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Permissions-Policy | encrypted-media=* |
| Content-Type | text/html; charset=utf-8 |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| Set-Cookie | sbfrank_current=mdm%3Drefferal%7C%7C%7Csrc%3Dwww.raiffeisen.ru%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Ctyp%3Drefferal; Path=/; Expires=Tue, 17 Apr 2035 13:40:56 GMT |
| Connection | keep-alive |
| Cache-Control | no-store, max-age=0 |
| Content-Security-Policy | default-src 'self'; font-src 'self' data: *.raif.v305.tmphost.ru cdn.megabonus.com fonts.gstatic.com kaplife.ru *.kaplife.ru raiffeisen-capital.ru *.raiffeisen-capital.ru raiffeisen-life.ru *.raiffeisen-life.ru raiffeisen-media.ru *.raiffeisen-media.ru raiffeisen.ru *.raiffeisen.ru rbinternational.com *.rbinternational.com www.gstatic.com yastatic.net; style-src 'self' 'unsafe-inline' *.raif.v305.tmphost.ru cdn.jsdelivr.net kaplife.ru *.kaplife.ru raiffeisen-capital.ru *.raiffeisen-capital.ru raiffeisen-life.ru *.raiffeisen-life.ru raiffeisen-media.ru *.raiffeisen-media.ru raiffeisen.ru *.raiffeisen.ru rbinternational.com *.rbinternational.com www.gstatic.com yastatic.net *.yastatic.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *.insapp.ru *.kaspersky-labs.com widget.oval.life polyfill.io code.jquery.com edge.fullstory.com connect.facebook.net *.googleoptimize.com *.tmweb.ru unpkg.com platform.twitter.com *.rutarget.ru *.hybrid.ai snap.licdn.com *.kirarock.space *.mail.ru *.raif.v305.tmphost.ru *.vk.com *.yandexcloud.net analytics.tiktok.com cdn.jsdelivr.net google-analytics.com *.google-analytics.com google.com *.google.com kaplife.ru *.kaplife.ru raiffeisen-capital.ru *.raiffeisen-capital.ru raiffeisen-life.ru *.raiffeisen-life.ru raiffeisen-media.ru *.raiffeisen-media.ru raiffeisen.agentapp.ru raiffeisen.ru *.raiffeisen.ru rbinternational.com *.rbinternational.com ru.id.facct.ru ru.id.group-ib.com statad.ru vk.com www.googletagmanager.com www.gstatic.com yandex.ru *.yandex.ru *.yandex.com *.yandex.by *.yandex.md *.yandex.kz *.yandex.net yastatic.net yastatic.net *.yastatic.net; frame-src *.doubleclick.net *.insapp.ru *.raif.v305.tmphost.ru *.vk.com *.yandexcloud.net captcha-api.yandex.ru mc.yandex.ru google.com *.google.com kaplife.ru *.kaplife.ru raiffeisen-life.ru *.raiffeisen-life.ru raiffeisen.agentapp.ru raiffeisen.ru *.raiffeisen.ru ru.id.facct.ru ru.id.group-ib.com sync.1dmp.io vk.com zettains.ru securepaymentway.ru *.sbrf.ru securepaymentgateway.ru securecardpayment.ru *.sberbank.ru mafin.ru raif.ponimau.com www.youtube.com; connect-src 'self' *.doubleclick.net *.insapp.ru *.kirarock.space *.mail.ru *.trackjs.com *.upravel.com *.vk.com analytics.tiktok.com dadata.ru *.dadata.ru google-analytics.com *.google-analytics.com kaplife.ru *.kaplife.ru lottiefiles.com *.lottiefiles.com raiffeisen-capital.ru *.raiffeisen-capital.ru raiffeisen-life.ru *.raiffeisen-life.ru raiffeisen-media.ru *.raiffeisen-media.ru raiffeisen.ru *.raiffeisen.ru rbinternational.com *.rbinternational.com ru.id.facct.ru vk.com wss://*.raiffeisen.ru raiffeisen.cpeople.ru sentry.b2bpolis.ru sbbe.group-ib.ru *.fp.kaspersky-labs.com *.amplitude.com ymetrica1.com www.googletagmanager.com yandex.ru *.yandex.ru *.yandex.com *.yandex.by *.yandex.md *.yandex.kz *.yandex.net; img-src 'self' blob: data: *.mail.ru *.trackjs.com *.upravel.com *.vk.com google-analytics.com *.google-analytics.com kaplife.ru *.kaplife.ru lottiefiles.com *.lottiefiles.com raiffeisen-capital.ru *.raiffeisen-capital.ru raiffeisen-life.ru *.raiffeisen-life.ru raiffeisen-media.ru *.raiffeisen-media.ru raiffeisen.ru *.raiffeisen.ru rbinternational.com *.rbinternational.com statad.ru sync.1dmp.io vk.com www.google.com www.google.ru *.google.com.tr www.gstatic.com www.welldonecode.com proxy-block.raiffeisen.ru:8002 hit.acstat.com yandex.ru *.yandex.ru *.yandex.com *.yandex.by *.yandex.md *.yandex.kz *.yandex.net yastatic.net *.yastatic.net; media-src blob: data: audiocdn.lingualeo.com api.lingvolive.com raiffeisen.ru *.raiffeisen.ru; form-action 'self'; |
| X-Xss-Protection | 1; mode=block |
| X-Content-Type-Options | nosniff |
| Referrer-Policy | no-referrer-when-downgrade |
| Server | nope |
| Date | Sat, 19 Apr 2025 13:40:56 GMT |
| Etag | W/"50fa7-EiDPTqunZUmaXd2JbIWJqB2X5e8" |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar