Content-Encoding | gzip |
Content-Security-Policy | default-src 'self' http://www.scouting.org https://my.scouting.org https://beascout.scouting.org https://use.typekit.net https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js https://ajax.googleapis.com/ https://scoutnet.scouting.org http://www.learningforlife.org https://bsalearn.learn.taleo.net https://chksso.learn.taleo.net https://frdashboard.scouting.org https://stspd.myscouting.org/adfs/ls/IdpInitiatedSignon *.scouting.org https://ssoagt.scouting.org *.myscouting.org https://ssoagt.scouting.org/ssoagtpd/LMSSSOAgent.aspx https://i.stack.imgur.com https://myscouting.scouting.org https://myscouting.scouting.org/my2entrypoint/MY2LegacyMyScoutingLogin.aspx https://marketingawardsportal.scouting.org/my2entrypoint/MY2LegacyMarketingAwardsPortalLogin.aspx https://marketingawardsportal.scouting.org http://local.scouting.org https://gateway.1directconnect.com https://orbitalvar1.chasepaymentech.com/authorize https://orbital1.chasepaymentech.com https://www.chasepaymentechhostedpay-var.com https://www.chasepaymentechhostedpay.com http://internal-mystpd-reports-internal-lb-1932019091.us-east-1.elb.amazonaws.com/shared/ https://code.jquery.com https://netdna.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/ https://api-scouting.cloudhub.io http://api-scouting.cloudhub.io *.api-scouting.cloudhub.io https://d1kn0x9vzr5n76.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://bat.bing.com https://tracking.aimediagroup.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://tagmanager.google.com https://bid.g.doubleclick.net https://connect.facebook.net https://stats.g.doubleclick.net https://www.facebook.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.co.in https://www.google.com https://tracking.aimediagroup.com https://www.googleadservices.com https://bat.bing.com https://www.googletagmanager.com https://ssl.google-analytics.com https://www.google-analytics.com https://use.typekit.net https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js https://cdnjs.cloudflare.com/ https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js https://ajax.googleapis.com/ https://marketingawardsportal.scouting.org https://stspd.myscouting.org http://olc.scouting.org https://olc.scouting.org http://internal-mystpd-reports-internal-lb-1932019091.us-east-1.elb.amazonaws.com/shared/ https://tagmanager.google.com https://connect.facebook.net https://stats.g.doubleclick.net https://googleads.g.doubleclick.net; img-src 'self' 'unsafe-inline' data: https://myqa.scouting.org/ https://www.google.co.in https://www.google.com https://tracking.aimediagroup.com https://googleads.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com http://api-scouting.cloudhub.io https://api-scouting.cloudhub.io https://d1kn0x9vzr5n76.cloudfront.net http://www.scouting.org http://chart.googleapis.com https://p.typekit.net https://my.scouting.org https://i.stack.imgur.com https://beascout.scouting.org https://tagmanager.google.com https://connect.facebook.net https://stats.g.doubleclick.net https://www.facebook.com https://ssl.gstatic.com; style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com http://fonts.googleapis.com https://netdna.bootstrapcdn.com https://cdnjs.cloudflare.com http://internal-mystpd-reports-internal-lb-1932019091.us-east-1.elb.amazonaws.com/shared/; font-src 'self' https://use.typekit.net https://themes.googleusercontent.com https://fonts.typekit.net https://at.alicdn.com https://netdna.bootstrapcdn.com http://internal-mystpd-reports-internal-lb-1932019091.us-east-1.elb.amazonaws.com/shared/ https://fonts.gstatic.com https://cdnjs.cloudflare.com; object-src 'self' 'unsafe-inline' https://my.scouting.org; media-src 'self' blob:; worker-src 'self' blob:; connect-src 'self' *.scouting.org api-scouting.cloudhub.io https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js https://d1kn0x9vzr5n76.cloudfront.net; |
Content-Type | text/html |
Last-Modified | Wed, 08 Nov 2017 17:29:46 GMT |
Server | |
Strict-Transport-Security | max-age=31536000 |
Vary | Accept-Encoding |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Connection | keep-alive |