Content-Security-Policy | default-src 'self'; object-src 'none'; script-src 'self' 'unsafe-eval' www.gstatic.com www.google-analytics.com; child-src 'self'; connect-src 'self'; img-src 'self' data: www.google-analytics.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com; font-src 'self' fonts.gstatic.com; |
Strict-Transport-Security | max-age=2592000; includeSubdomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-XSS-Protection | 1; mode=block |
Expires | Sat, 26 Aug 2017 11:42:01 GMT |
ETag | "bUcCDQ" |
X-Cloud-Trace-Context | 2c7250d8e71f9f2975d22ebf65c13b82 |
Content-Type | text/html |
Content-Encoding | gzip |
Server | Google Frontend |
Cache-Control | public, max-age=600 |
Age | 0 |
Alt-Svc | quic=":443"; ma=2592000; v="39,38,37,35" |