urlscan.io logo urlscan.io
SecurityTrails logo

warsaw.craigslist.org Open in urlscan Pro
208.82.237.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ciccredit.edu.pl/
Effective URL: https://warsaw.craigslist.org/
Submission: On October 31 via automatic, source certstream-suspicious — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 208.82.237.226, located in San Francisco, United States and belongs to CRAIGS-NET-1, US. The main domain is warsaw.craigslist.org.
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on February 7th 2023. Valid for: a year.
This is the only time warsaw.craigslist.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.55.154 13335 (CLOUDFLAR...)
1 1 208.82.237.129 22414 (CRAIGS-NET-1)
2 7 208.82.237.225 22414 (CRAIGS-NET-1)
1 208.82.237.226 22414 (CRAIGS-NET-1)
6 3
Apex Domain
Subdomains		 Transfer
9 craigslist.org
craigslist.org — Cisco Umbrella Rank: 16877
www.craigslist.org — Cisco Umbrella Rank: 21234
geo.craigslist.org — Cisco Umbrella Rank: 128468
warsaw.craigslist.org
469 KB
1 ciccredit.edu.pl
ciccredit.edu.pl
547 B
6 2
Domain Requested by
6 www.craigslist.org 1 redirects warsaw.craigslist.org
1 warsaw.craigslist.org
1 geo.craigslist.org 1 redirects
1 craigslist.org 1 redirects
1 ciccredit.edu.pl 1 redirects
6 5
Subject Issuer Validity Valid
craigslist.org
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-07 -
2024-02-27		 a year crt.sh

This page contains 2 frames:

Primary Page: https://warsaw.craigslist.org/
Frame ID: ECAE16301CDC69BB9345C35D1D5EBE85
Requests: 6 HTTP requests in this frame

Frame: https://www.craigslist.org/static/www/localStorage-092e9f9e2f09450529e744902aa7cdb3a5cc868d.html
Frame ID: 297556A7CAAFE5689E393523DD3EA889
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

craigslist: poland jobs, apartments, for sale, services, community, and events

Page URL History Show full URLs

  1. https://ciccredit.edu.pl/ HTTP 302
    https://craigslist.org/ HTTP 302
    https://www.craigslist.org/ HTTP 302
    https://geo.craigslist.org/ HTTP 302
    https://warsaw.craigslist.org/ Page URL

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

3
IPs

2
Countries

495 kB
Transfer

1688 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ciccredit.edu.pl/ HTTP 302
    https://craigslist.org/ HTTP 302
    https://www.craigslist.org/ HTTP 302
    https://geo.craigslist.org/ HTTP 302
    https://warsaw.craigslist.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
warsaw.craigslist.org/
Redirect Chain
  • https://ciccredit.edu.pl/
  • https://craigslist.org/
  • https://www.craigslist.org/
  • https://geo.craigslist.org/
  • https://warsaw.craigslist.org/
50 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://warsaw.craigslist.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
208.82.237.226 San Francisco, United States, ASN22414 (CRAIGS-NET-1, US),
Reverse DNS
cities.craigslist.org
Software
/
Resource Hash
3ae12f5a3930b30bad57fa032e1da1f20e84a4192c6e6afff04b9c95896edbac
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://hcaptcha.com https://*.hcaptcha.com; child-src https://*.craigslist.org; connect-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; font-src data:; form-action https://*.craigslist.org; frame-ancestors 'self'; frame-src https://*.craigslist.org https://duckduckgo.com/search.html; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; style-src 'unsafe-inline' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Cache-Control
max-age=3600, public
Content-Encoding
gzip
Content-Length
9275
Content-Security-Policy
base-uri 'self' https://hcaptcha.com https://*.hcaptcha.com; child-src https://*.craigslist.org; connect-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; font-src data:; form-action https://*.craigslist.org; frame-ancestors 'self'; frame-src https://*.craigslist.org https://duckduckgo.com/search.html; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; style-src 'unsafe-inline' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com
Content-Type
text/html; charset=UTF-8
Date
Tue, 31 Oct 2023 18:17:03 GMT
Expires
Tue, 31 Oct 2023 19:17:03 GMT
Last-Modified
Tue, 31 Oct 2023 18:17:03 GMT
Strict-Transport-Security
max-age=63072000
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN

Redirect headers

Content-Encoding
gzip
Content-Length
20
Content-Security-Policy
base-uri 'self' https://hcaptcha.com https://*.hcaptcha.com; child-src https://*.craigslist.org; connect-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; font-src data:; form-action https://*.craigslist.org; frame-ancestors 'self'; frame-src https://*.craigslist.org https://craigslist.org https://hcaptcha.com https://*.hcaptcha.com; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; style-src 'unsafe-inline' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com
Date
Tue, 31 Oct 2023 18:47:08 GMT
Last-Modified
Tue, 31 Oct 2023 18:47:08 GMT
Location
https://warsaw.craigslist.org
Strict-Transport-Security
max-age=63072000
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
7cac89240fcebd4d4b2a1f70aa4fc4a2595cea59.js
www.craigslist.org/static/www/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.craigslist.org/static/www/7cac89240fcebd4d4b2a1f70aa4fc4a2595cea59.js
Requested by
Host: warsaw.craigslist.org
URL: https://warsaw.craigslist.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
208.82.237.225 San Francisco, United States, ASN22414 (CRAIGS-NET-1, US),
Reverse DNS
www.craigslist.org
Software
/
Resource Hash
730a674a8723b5acae5be2e25b0e4486f3102dd96f62b5c5f349d9c9976f0c4c
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://hcaptcha.com https://*.hcaptcha.com; child-src https://*.craigslist.org; connect-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; font-src data:; form-action https://*.craigslist.org; frame-ancestors https://*.craigslist.org; frame-src https://*.craigslist.org https://craigslist.org https://hcaptcha.com https://*.hcaptcha.com; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; style-src 'unsafe-inline' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://warsaw.craigslist.org/
Origin
https://warsaw.craigslist.org
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Security-Policy
base-uri 'self' https://hcaptcha.com https://*.hcaptcha.com; child-src https://*.craigslist.org; connect-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; font-src data:; form-action https://*.craigslist.org; frame-ancestors https://*.craigslist.org; frame-src https://*.craigslist.org https://craigslist.org https://hcaptcha.com https://*.hcaptcha.com; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; style-src 'unsafe-inline' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com
Content-Encoding
gzip
Date
Mon, 16 Oct 2023 16:03:05 GMT
Last-Modified
Mon, 16 Oct 2023 16:03:05 GMT
Strict-Transport-Security
max-age=63072000
Vary
Accept-Encoding, Origin
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://warsaw.craigslist.org
Cache-Control
max-age=2592000, public
Access-Control-Allow-Credentials
true
Content-Length
7057
Expires
Wed, 15 Nov 2023 16:03:05 GMT
manifest.js
www.craigslist.org/static/d/1887529/www/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.craigslist.org/static/d/1887529/www/manifest.js
Requested by
Host: warsaw.craigslist.org
URL: https://warsaw.craigslist.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
208.82.237.225 San Francisco, United States, ASN22414 (CRAIGS-NET-1, US),
Reverse DNS
www.craigslist.org
Software
/
Resource Hash
9423dbd7a12718e07cea6f8529f8260cbd47e08e2b316a37384e29dd74597f43
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://hcaptcha.com https://*.hcaptcha.com; child-src https://*.craigslist.org; connect-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; font-src data:; form-action https://*.craigslist.org; frame-ancestors https://*.craigslist.org; frame-src https://*.craigslist.org https://craigslist.org https://hcaptcha.com https://*.hcaptcha.com; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; style-src 'unsafe-inline' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://warsaw.craigslist.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Security-Policy
base-uri 'self' https://hcaptcha.com https://*.hcaptcha.com; child-src https://*.craigslist.org; connect-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; font-src data:; form-action https://*.craigslist.org; frame-ancestors https://*.craigslist.org; frame-src https://*.craigslist.org https://craigslist.org https://hcaptcha.com https://*.hcaptcha.com; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; style-src 'unsafe-inline' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com
Content-Encoding
gzip
Date
Tue, 24 Oct 2023 22:32:30 GMT
Last-Modified
Tue, 24 Oct 2023 22:32:30 GMT
Strict-Transport-Security
max-age=63072000
Vary
Accept-Encoding, Origin
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
Content-Length
2772
Expires
Thu, 23 Nov 2023 22:32:30 GMT
bb629301923185fda763799f68b5688f34e30cdf.css
www.craigslist.org/static/www/ 		286 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.craigslist.org/static/www/bb629301923185fda763799f68b5688f34e30cdf.css
Requested by
Host: warsaw.craigslist.org
URL: https://warsaw.craigslist.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
208.82.237.225 San Francisco, United States, ASN22414 (CRAIGS-NET-1, US),
Reverse DNS
www.craigslist.org
Software
/
Resource Hash
1d2190e83440ba52247ae3987cd7ffeea63030196861ceff1a9cd8be45d57ff2
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://hcaptcha.com https://*.hcaptcha.com; child-src https://*.craigslist.org; connect-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; font-src data:; form-action https://*.craigslist.org; frame-ancestors https://*.craigslist.org; frame-src https://*.craigslist.org https://duckduckgo.com/search.html; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; style-src 'unsafe-inline' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com
Strict-Transport-Security max-age=63072000

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://warsaw.craigslist.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Security-Policy
base-uri 'self' https://hcaptcha.com https://*.hcaptcha.com; child-src https://*.craigslist.org; connect-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; font-src data:; form-action https://*.craigslist.org; frame-ancestors https://*.craigslist.org; frame-src https://*.craigslist.org https://duckduckgo.com/search.html; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; style-src 'unsafe-inline' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com
Content-Encoding
gzip
Date
Fri, 06 Oct 2023 19:47:39 GMT
Last-Modified
Fri, 06 Oct 2023 19:47:39 GMT
Strict-Transport-Security
max-age=63072000
Vary
Accept-Encoding, Origin
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
Content-Length
61191
Expires
Sun, 05 Nov 2023 19:47:39 GMT
ddccbd9ebe5cf35027e7e29b4c98e6d40c6800ea.js
www.craigslist.org/static/www/ 		1 MB
383 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.craigslist.org/static/www/ddccbd9ebe5cf35027e7e29b4c98e6d40c6800ea.js
Requested by
Host: warsaw.craigslist.org
URL: https://warsaw.craigslist.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
208.82.237.225 San Francisco, United States, ASN22414 (CRAIGS-NET-1, US),
Reverse DNS
www.craigslist.org
Software
/
Resource Hash
a696e9867fed06805f1fae22643d36ab2616bb636865a4188f4b379d1b2e86d5
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; child-src https://*.craigslist.org; connect-src https://*.craigslist.org; font-src data:; form-action https://*.craigslist.org; frame-ancestors https://*.craigslist.org; frame-src https://*.craigslist.org https://craigslist.org; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org; style-src 'unsafe-inline' https://*.craigslist.org
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://warsaw.craigslist.org/
Origin
https://warsaw.craigslist.org
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Security-Policy
base-uri 'self'; child-src https://*.craigslist.org; connect-src https://*.craigslist.org; font-src data:; form-action https://*.craigslist.org; frame-ancestors https://*.craigslist.org; frame-src https://*.craigslist.org https://craigslist.org; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org; style-src 'unsafe-inline' https://*.craigslist.org
Content-Encoding
gzip
Date
Tue, 24 Oct 2023 22:26:19 GMT
Last-Modified
Tue, 24 Oct 2023 22:26:19 GMT
Strict-Transport-Security
max-age=63072000
Vary
Accept-Encoding, Origin
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://warsaw.craigslist.org
Cache-Control
max-age=2592000, public
Access-Control-Allow-Credentials
true
Content-Length
391225
Expires
Thu, 23 Nov 2023 22:26:19 GMT
localStorage-092e9f9e2f09450529e744902aa7cdb3a5cc868d.html
www.craigslist.org/static/www/ Frame 2975 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.craigslist.org/static/www/localStorage-092e9f9e2f09450529e744902aa7cdb3a5cc868d.html
Requested by
Host: warsaw.craigslist.org
URL: https://warsaw.craigslist.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
208.82.237.225 San Francisco, United States, ASN22414 (CRAIGS-NET-1, US),
Reverse DNS
www.craigslist.org
Software
/
Resource Hash
01a041ab79faa0d10203ee8d8150fb219905fe8a4a58f905b7bf746698a83ace
Security Headers
Name Value
Content-Security-Policy base-uri 'self' https://hcaptcha.com https://*.hcaptcha.com; child-src https://*.craigslist.org; connect-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; font-src data:; form-action https://*.craigslist.org; frame-ancestors https://*.craigslist.org; frame-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; style-src 'unsafe-inline' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://warsaw.craigslist.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
Content-Encoding
gzip
Content-Length
786
Content-Security-Policy
base-uri 'self' https://hcaptcha.com https://*.hcaptcha.com; child-src https://*.craigslist.org; connect-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; font-src data:; form-action https://*.craigslist.org; frame-ancestors https://*.craigslist.org; frame-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; style-src 'unsafe-inline' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com
Content-Type
text/html; charset=utf-8
Date
Wed, 04 Oct 2023 20:16:30 GMT
Expires
Fri, 03 Nov 2023 20:16:30 GMT
Last-Modified
Wed, 04 Oct 2023 20:16:30 GMT
Strict-Transport-Security
max-age=63072000
Vary
Accept-Encoding Origin
truncated
/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f58b6e4f6ce53fe895e3f6aa59b44a47615f63daaffb25f11263dfd8722d127d

Request headers

Referer
Origin
https://warsaw.craigslist.org
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| cl function| define function| $ function| jQuery function| Swipe function| QRCode object| CL function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet function| IntlMessageFormat function| i18n string| pagemode object| actionLinks string| allText string| areaCountry string| areaID object| categoryNames string| defaultLocale object| loc string| locString string| maptileBaseUrl string| noResults string| searchcountBaseUrl object| whereAmI object| L function| reverseGeocodeUser object| mapsConfig

3 Cookies

Domain/Path Name / Value
ciccredit.edu.pl/ Name: PHPSESSID
Value: h32dteih44vil0p544kmkl7l08
.craigslist.org/ Name: cl_b
Value: 4|53124883de0acaa9f163b672c741477f421587eb|16987780273vOjM
.craigslist.org/ Name: cl_def_hp
Value: warsaw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self' https://hcaptcha.com https://*.hcaptcha.com; child-src https://*.craigslist.org; connect-src https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; font-src data:; form-action https://*.craigslist.org; frame-ancestors 'self'; frame-src https://*.craigslist.org https://duckduckgo.com/search.html; media-src data:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com; style-src 'unsafe-inline' https://*.craigslist.org https://hcaptcha.com https://*.hcaptcha.com
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN