Content-Security-Policy | script-src 'self' https://www.google-analytics.com https://www.youtube.com https://s.ytimg.com https://*.googleapis.com https://maps.gstatic.com https://*.stripe.com 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://*.googleapis.com; frame-src 'self' https://*.stripe.com/; object-src 'self' |
X-Frame-Options | deny |
Expires | Thu, 01 Jan 1970 00:00:00 GMT |
Content-Type | text/html; charset=UTF-8 |
Content-Encoding | gzip |
Vary | Accept-Encoding |
Server | Google Frontend |
Cache-Control | private |
Alt-Svc | quic=":443"; p="1"; ma=604800 |
Transfer-Encoding | chunked |