Server | nginx |
Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
Vary | Accept-Encoding |
Content-Security-Policy | default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://admin.discoveryrom.org https://www.google.com https://www.gstatic.com https://pagead2.googlesyndication.com https://googleads.g.doubleclick.net https://tpc.googlesyndication.com https://adservice.google.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://fonts.googleapis.com; img-src 'self' https://admin.discoveryrom.org https://pagead2.googlesyndication.com https://www.gstatic.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net; font-src https://cdnjs.cloudflare.com https://fonts.gstatic.com; connect-src 'self' https://admin.discoveryrom.org https://csi.gstatic.com; child-src 'none'; frame-src https://www.google.com https://googleads.g.doubleclick.net https://tpc.googlesyndication.com https://cm.g.doubleclick.net https://securepubads.g.doubleclick.net; frame-ancestors 'none'; form-action 'self' https://www.paypal.com https://mobile.paypal.com https://androidfilehost.com; block-all-mixed-content; reflected-xss block; base-uri 'none'; report-uri /secure/api/report/csp/ |
Referrer-Policy | no-referrer |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-Frame-Options | deny |
X-Permitted-Cross-Domain-Policies | none |
X-UA-Compatible | IE=Edge |
X-XSS-Protection | 1; mode=block |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
Public-Key-Pins | pin-sha256="IxnILaTrrlusMzofSJ9hCUDA+NVM4ETRjyOs9jADIzs="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; max-age=5184000; includeSubDomains; report-uri="https://www.discoveryrom.org/secure/api/report/pkp/" |
Content-Encoding | gzip |