Cache-Control | private |
Content-Type | text/html |
Server | |
Content-Security-Policy-Report-Only | default-src 'self'; connect-src 'self' https://checkout.stripe.com https://tawk.to https://*.tawk.to wss://*.tawk.to; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://maps.googleapis.com https://checkout.stripe.com https://embed.tawk.to https://*.tawk.to https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net; img-src 'self' https://csi.gstatic.com https://maps.gstatic.com https://maps.googleapis.com https://media-library.co.uk https://q.stripe.com https://tawk.link https://static-v.tawk.to https://www.google-analytics.com https://stats.g.doubleclick.net; font-src https://fonts.gstatic.com https://static-v.tawk.to; form-action 'self' https://va.tawk.to; frame-src https://www.google.com https://checkout.stripe.com https://*.tawk.to https://tawk.link; frame-ancestors https://admin.vb.media; media-src https://static-v.tawk.to; upgrade-insecure-requests; report-uri https://monitor.report-uri.com/r/d/csp/reportOnly |
Content-Security-Policy | frame-ancestors https://admin.vb.media; upgrade-insecure-requests; report-uri https://monitor.report-uri.com/r/d/csp/enforce |
X-Frame-Options | ALLOW-FROM https://admin.vb.media |
X-Xss-Protection | 1 |
Access-Control-Allow-Origin | https://admin.vb.media |
Content-Length | 52116 |