X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Cache-Control | public, max-age=300 |
Strict-Transport-Security | max-age=31536000 |
Pragma | Public |
Content-Security-Policy | default-src 'self' ; connect-src 'self' https://www.google-analytics.com https://selfserve-api-dot-softserve-prod.appspot.com https://api.braintreegateway.com https://client-analytics.braintreegateway.com https://accounts.snapchat.com https://accounts.snap-dev.net https://adsapi.snapchat.com https://admanager-api-dot-teamko619.appspot.com https://snap-central-dot-teamko619.appspot.com https://snap-central-dev-dot-teamko619.appspot.com https://adsapisc.appspot.com https://storage.googleapis.com https://selfserve-api-dot-teamko619.appspot.com https://rich-snap-platform.appspot.com https://rich-snap-platform-dev.appspot.com https://preproduction-dot-softserve-prod.appspot.com wss://*.zopim.com https://*.zopim.com https://snap-web-chat.appspot.com https://googleads.g.doubleclick.net https://storage.googleapis.com https://web-frontend-dot-sc-analytics.appspot.com https://www.paypal.com https://*.tiles.mapbox.com https://api.mapbox.com ; script-src 'self' 'sha256-hCTNlFqzidWwi97XgqmHWxgFyfu4i8DJW6yudBCRam8=' https://www.googleadservices.com https://www.google-analytics.com https://www.googletagmanager.com http://tagmanager.google.com https://www.paypal.com https://apis.google.com ; worker-src 'self' blob: ; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' blob: https://snap-central-dot-teamko619.appspot.com ; font-src 'self' data: https://snap-central-dot-teamko619.appspot.com https://storage.googleapis.com ; media-src 'self' data: blob: https://storage.googleapis.com https://rich-snap-platform.appspot.com https://rich-snap-platform-dev.appspot.com ; frame-src 'self' blob: https://ads.springboard.la https://accounts.google.com https://accounts.snapchat.com https://creativesuite-prod.appspot.com https://assets.braintreegateway.com https://www.paypal.com https://snappublisher.snapchat.com https://players.brightcove.net ; report-uri /_api/reports/csp-violations ; img-src 'self' data: blob: https://api.mapbox.com https://www.googleadservices.com https://www.google.com https://stats.g.doubleclick.net https://googleads.g.doubleclick.net https://storage.googleapis.com https://www.google-analytics.com https://storage.googleapis.com https://v2uploads.zopim.io https://rich-snap-platform.appspot.com https://rich-snap-platform-dev.appspot.com https://admanager-api-dot-teamko619.appspot.com https://adsapi.snapchat.com https://render.bitstrips.com https://www.paypal.com https://lens-storage.storage.googleapis.com https://snapcodes.storage.googleapis.com https://snapchatpd-a.akamaihd.net ; |
Content-Type | text/html |
Content-Encoding | gzip |
X-Cloud-Trace-Context | df9f91104f0eb5f9511b67ce5faab596 |
Vary | Accept-Encoding |
Server | Google Frontend |
Alt-Svc | hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" |