strict-transport-security | max-age=2592000; includeSubDomains |
Content-Security-Policy | script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com; report-uri /csp/report/; default-src 'self'; frame-src 'self'; img-src 'self' data: https://*.googleusercontent.com https://www.google-analytics.com; connect-src 'self'; font-src 'self' https://ir.ebaystatic.com https://fonts.gstatic.com |
x-content-type-options | nosniff |
Expires | Wed, 18 Oct 2017 11:40:51 GMT |
Last-Modified | Wed, 18 Oct 2017 11:40:51 GMT |
x-xss-protection | 1; mode=block |
Cache-Control | no-cache, no-store, must-revalidate, max-age=0 |
X-Frame-Options | DENY |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
X-Cloud-Trace-Context | 0544cbfa5255adfbfc5eeba4be43c0eb |
Vary | Cookie, Accept-Encoding |
Server | Google Frontend |
Transfer-Encoding | chunked |