HTTP/2 200 content-security-policy: default-src 'self' www.isc.org www.google-analytics.com www.googletagmanager.com region1.google-analytics.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com 'wasm-eval'; script-src-elem 'self' 'unsafe-inline' www.googletagmanager.com cdnjs.cloudflare.com www.ipip.net unpkg.zhimg.com; style-src 'self' 'unsafe-inline' www.gstatic.com; style-src-elem 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; img-src 'self' data: www.isc.org region1.google-analytics.com www.googletagmanager.com fonts.gstatic.com translate.google.com cdnjs.cloudflare.com www.google-analytics.com; font-src 'self' data: use.typekit.net cdnjs.cloudflare.com fonts.gstatic.com; connect-src 'self' www.google-analytics.com region1.google-analytics.com api.cdnjs.com; media-src data:; worker-src blob:; form-action 'self'; report-uri https://iscorg.report-uri.com/r/d/csp/enforce report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://iscorg.report-uri.com/a/d/g"}],"include_subdomains":true} last-modified: Wed, 18 Jun 2025 12:32:48 GMT etag: "82-637d7d39fef8a-gzip" content-encoding: gzip content-type: text/html accept-ranges: bytes age: 0 date: Sun, 13 Jul 2025 22:40:39 GMT vary: Accept-Encoding x-frame-options: SAMEORIGIN x-xss-protection: 1 x-content-type-options: nosniff referrer-policy: strict-origin permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=() strict-transport-security: max-age=31557600 content-length: 133