Content-Security-Policy: default-src 'self' https://orman.ir data: gap: https://ssl.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.rawgit.com https://fonts.googleapis.com https://www.google-analytics.com https://orman.ir https://cdn.jsdelivr.net; media-src *; font-src 'self' https://fonts.gstatic.com data: https://orman.ir; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdnjs.cloudflare.com http://maps.googleapis.com https://maps.googleapis.com https://maps.google.com https://ssl.gstatic.com https://www.google-analytics.com data: https://orman.ir https://cdn.jsdelivr.net; img-src 'self' https://maps.gstatic.com https://maps.google.com https://www.gravatar.com https://gravatar.com https://csi.gstatic.com https://www.google-analytics.com data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://ssl.google-analytics.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://player.vimeo.com https://f.vimeocdn.com
Set-Cookie: stat_auth_cookie=; path=/; expires=Tue, 06-Mar-2018 14:02:01 UTC
Transfer-Encoding: chunked
Server: Apache
Cache-Control: max-age=7200
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=631138519; includeSubDomains
Set-Cookie: ORMNSESSID=901feaf99adc0340fc7c82a1cad1c2ba; path=/; secure; HttpOnly
Expires: Tue, 06 Mar 2018 16:03:41 GMT
Date: Tue, 06 Mar 2018 14:03:41 GMT
X-Frame-Options: DENY
X-WebKit-CSP: connect-src 'self' ;default-src 'self' https://orman.ir data: gap: https://ssl.gstatic.com; style-src 'self' 'unsafe-inline' https://cdn.rawgit.com https://fonts.googleapis.com https://www.google-analytics.com https://orman.ir https://cdn.jsdelivr.net; media-src *; font-src 'self' https://fonts.gstatic.com data: https://orman.ir; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdnjs.cloudflare.com http://maps.googleapis.com https://maps.googleapis.com https://maps.google.com https://ssl.gstatic.com https://www.google-analytics.com data: https://orman.ir https://cdn.jsdelivr.net; img-src 'self' https://maps.gstatic.com https://maps.google.com https://www.gravatar.com https://gravatar.com https://csi.gstatic.com https://www.google-analytics.com data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://ssl.google-analytics.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://player.vimeo.com https://f.vimeocdn.com
X-Content-Security-Policy: connect-src 'self' ;default-src 'self' https://orman.ir data: gap: https://ssl.gstatic.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://cdn.rawgit.com https://fonts.googleapis.com https://orman.ir https://cdn.jsdelivr.net; media-src *; font-src 'self' https://fonts.gstatic.com data: https://orman.ir; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://cdnjs.cloudflare.com http://maps.googleapis.com https://maps.googleapis.com https://maps.google.com https://ssl.gstatic.com https://www.google-analytics.com data: https://orman.ir https://cdn.jsdelivr.net; img-src 'self' https://maps.gstatic.com https://maps.google.com https://www.gravatar.com https://gravatar.com https://csi.gstatic.com https://www.google-analytics.com data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://ssl.google-analytics.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://player.vimeo.com https://f.vimeocdn.com
X-XSS-Protection: 1; mode=block
ProcessingTime: D=562149
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Type: text/html;charset=utf-8
Vary: Accept-Encoding,User-Agent