Content-Security-Policy | base-uri 'none'; font-src 'self' data:* themes.googleusercontent.com *.gstatic.com fonts.googleapis.com; frame-src 'self' www.google.com www.youtube.com *.doubleclick.net; script-src 'self' 'unsafe-inline' *.googleanalytics.com *.google-analytics.com *.google.com *.googleadservices.com *.googletagmanager.com *.gstatic.com *.googleapis.com *.youtube.com *.ytimg.com; object-src 'self' *.gstatic.com www.google.com; img-src 'self' data:* *.gstatic.com *.google-analytics.com maps.googleapis.com *.googleapis.com *.ggpht.com www.google.com lh3.googleusercontent.com *.doubleclick.net *.googleadservices.com; style-src 'self' 'unsafe-inline' *.googletagmanager.com tagmanager.google.com fonts.googleapis.com *.gstatic.com; default-src 'self' *.gstatic.com services.google.com; |
Strict-Transport-Security | max-age=2592000; includeSubdomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-XSS-Protection | 1; mode=block |
Expires | Sat, 14 Oct 2017 11:50:04 GMT |
ETag | "p2y1QQ" |
X-Cloud-Trace-Context | e434a89d465b7689d17f739fecc83e8f |
Content-Type | text/html |
Content-Encoding | gzip |
Server | Google Frontend |
Age | 126 |
Cache-Control | public, max-age=600 |