Content-Security-Policy-Report-Only | default-src 'self' *.tryengineering.org *.accreditation.org *.addthis.com; script-src 'self' *.ieee.org *.googleapis.com *.google.com *.gstatic.com *.google-analytics.com *.typekit.net use.typekit.net *.addthis.com *.twitter.com *.disqus.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.myfonts.net use.typekit.net *.typekit.net *.googleapis.com *.disqus.com *.disquscdn.com *.addthis.com 'unsafe-inline'; img-src 'self' *.tryengineering.org *.accreditation.org *.googleapis.com *.addthis.com *.gstatic.com *.typekit.net *.disqus.com *.google-analytics.com *.doubleclick.net stats.g.doubleclick.net *.amazonaws.com p.typekit.net data: *.addthis.com; frame-src 'self' *.tryengineering.org *.accreditation.org *.google.com *.gstatic.com *.youtube.com disqus.com *.disqus.com *.ieee.org *.twitter.com *.addthis.com *.slideshare.net; font-src 'self' *.myfonts.net *.typekit.net *.gstatic.com data: use.typekit.net; report-uri /admin/config/system/seckit/csp-report |
Server | Apache/2.4.7 (Ubuntu) |
Vary | Accept-Encoding |
Cache-Control | no-cache, must-revalidate |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
Keep-Alive | timeout=5, max=120 |
Expires | Sun, 19 Nov 1978 05:00:00 GMT |
Content-Language | en |
From-Origin | same |
X-Content-Type-Options | nosniff |
X-Content-Security-Policy-Report-Only | default-src 'self' *.tryengineering.org *.accreditation.org *.addthis.com; script-src 'self' *.ieee.org *.googleapis.com *.google.com *.gstatic.com *.google-analytics.com *.typekit.net use.typekit.net *.addthis.com *.twitter.com *.disqus.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.myfonts.net use.typekit.net *.typekit.net *.googleapis.com *.disqus.com *.disquscdn.com *.addthis.com 'unsafe-inline'; img-src 'self' *.tryengineering.org *.accreditation.org *.googleapis.com *.addthis.com *.gstatic.com *.typekit.net *.disqus.com *.google-analytics.com *.doubleclick.net stats.g.doubleclick.net *.amazonaws.com p.typekit.net data: *.addthis.com; frame-src 'self' *.tryengineering.org *.accreditation.org *.google.com *.gstatic.com *.youtube.com disqus.com *.disqus.com *.ieee.org *.twitter.com *.addthis.com *.slideshare.net; font-src 'self' *.myfonts.net *.typekit.net *.gstatic.com data: use.typekit.net; report-uri /admin/config/system/seckit/csp-report |
X-Generator | Drupal 7 (http://drupal.org) |
Connection | Keep-Alive |
X-WebKit-CSP-Report-Only | default-src 'self' *.tryengineering.org *.accreditation.org *.addthis.com; script-src 'self' *.ieee.org *.googleapis.com *.google.com *.gstatic.com *.google-analytics.com *.typekit.net use.typekit.net *.addthis.com *.twitter.com *.disqus.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.myfonts.net use.typekit.net *.typekit.net *.googleapis.com *.disqus.com *.disquscdn.com *.addthis.com 'unsafe-inline'; img-src 'self' *.tryengineering.org *.accreditation.org *.googleapis.com *.addthis.com *.gstatic.com *.typekit.net *.disqus.com *.google-analytics.com *.doubleclick.net stats.g.doubleclick.net *.amazonaws.com p.typekit.net data: *.addthis.com; frame-src 'self' *.tryengineering.org *.accreditation.org *.google.com *.gstatic.com *.youtube.com disqus.com *.disqus.com *.ieee.org *.twitter.com *.addthis.com *.slideshare.net; font-src 'self' *.myfonts.net *.typekit.net *.gstatic.com data: use.typekit.net; report-uri /admin/config/system/seckit/csp-report |
X-Frame-Options | SameOrigin |
X-Powered-By | PHP/5.5.9-1ubuntu4.14 |