X-XSS-Protection | 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube |
Expires | Tue, 27 Apr 1971 19:44:06 EST |
Content-Security-Policy-Report-Only | connect-src https:; default-src 'self' 'unsafe-inline' 'unsafe-eval' https:; img-src https: data:; media-src https: blob:; report-uri /csp_204?t=https&vcs=dd5a066d06f0621bf82d49433f9d7451&plabel=youtube.ytfe.desktop_20170706_0_RC3&pcl=161160183 |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
Cache-Control | no-cache |
X-Frame-Options | SAMEORIGIN |
Strict-Transport-Security | max-age=31536000 |
P3P | CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." |
X-Content-Type-Options | nosniff |
Server | YouTubeFrontEnd |
Alt-Svc | quic=":443"; ma=2592000; v="39,38,37,36,35" |
Transfer-Encoding | chunked |