Content-Security-Policy | media-src 'self' *.googleapis.com; img-src 'self' data: *.googleapis.com *.gstatic.com *.google-analytics.com; font-src 'self' data: themes.googleusercontent.com *.gstatic.com; frame-src 'self' www.google.com www.youtube.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleanalytics.com *.google-analytics.com *.googleapis.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.gstatic.com; default-src 'self' *.gstatic.com; |
Strict-Transport-Security | max-age=2592000; includeSubdomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-XSS-Protection | 1; mode=block |
Expires | Sat, 17 Feb 2018 02:10:44 GMT |
Cache-Control | public, max-age=600 |
ETag | "6W72GQ" |
X-Cloud-Trace-Context | 838f7c48472e05e07a0d006656892679 |
Content-Type | text/html |
Content-Encoding | gzip |
Server | Google Frontend |
Alt-Svc | hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" |
Transfer-Encoding | chunked |