x-xss-protection | 1; mode=block |
Content-Language | en-us |
Content-Security-Policy | script-src 'self' 'unsafe-inline' http: https:; img-src 'self' data: http: https:; default-src 'self' *.gstatic.com; frame-src 'self' http: https:; style-src 'self' 'unsafe-inline' http: https:; media-src 'self' data: http: https:; object-src 'none'; connect-src 'self' http: https:; font-src 'self' http: https:; base-uri 'self' |
x-content-type-options | nosniff |
x-frame-options | DENY |
X-Content-Security-Policy | script-src 'self' 'unsafe-inline' http: https:; img-src 'self' data: http: https:; default-src 'self' *.gstatic.com; frame-src 'self' http: https:; style-src 'self' 'unsafe-inline' http: https:; media-src 'self' data: http: https:; object-src 'none'; connect-src 'self' http: https:; font-src 'self' http: https:; base-uri 'self' |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
X-Cloud-Trace-Context | f8ee11c2d28203910247ec5030d93998 |
Vary | Cookie, Accept-Language, Accept-Encoding |
Server | Google Frontend |
Cache-Control | private |
Alt-Svc | quic=":443"; ma=2592000; v="39,38,37,35" |
Transfer-Encoding | chunked |