HTTP/2 200 server: nginx/1.17.10date: Wed, 07 Apr 2021 02:44:07 GMTcontent-type: text/html; charset=utf-8content-security-policy: default-src 'none';script-src https://*.divarcdn.com https://*.hotjar.com 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com https://ammaar.delivery.zeerak.cloud https://www.google-analytics.com https://cdn.yektanet.com https://s1.mediaad.org;style-src 'self' 'unsafe-inline' https://*.divarcdn.com;img-src 'self' data: blob: https://divar.ir https://*.divarcdn.com https://trustseal.enamad.ir https://www.google-analytics.com https://www.googletagmanager.com https://*.openstreetmap.org https://*.balad.ir https://www.google.com https://www.google.nl https://www.google.de https://www.google.ae https://www.google.fr https://www.google.ca https://www.google.co.uk https://logo.samandehi.ir;connect-src 'self' https://divar.ir https://*.divar.ir https://files.divarcdn.com https://www.google-analytics.com https://*.doubleclick.net https://*.delivery.zeerak.cloud https://*.leogames.co https://*.hotjar.com https://*.googleapis.com https://firebase.the-wall.io https://api.mediaad.org https://ua.yektanet.com https://audience.yektanet.com;font-src 'self' https://*.divarcdn.com data:;object-src 'none';frame-ancestors 'none';base-uri 'self';frame-src 'self' https://*.hotjar.com https://ua.yektanet.com https://mediacdn.mediaad.org;manifest-src 'self';upgrade-insecure-requests;block-all-mixed-contentx-dns-prefetch-control: onexpect-ct: max-age=0x-frame-options: DENYstrict-transport-security: max-age=15724800x-download-options: noopenx-content-type-options: nosniffx-permitted-cross-domain-policies: nonereferrer-policy: originx-xss-protection: 1; mode=blockvary: User-Agent, Accept-Encodingaccess-control-allow-origin: *etag: W/"60c2f-Y4Hexun9WTJUPPLrRF2Z0ot8E4g"content-encoding: gzip