x-xss-protection | 1; mode=block |
x-content-type-options | nosniff |
Content-Security-Policy | script-src 'self' https://www.google-analytics.com 'sha256-YAeNgc46QF0YbTBOhlJJtwaOwJTu1UEvFVe3ljLBobg=' 'sha256-SjfMQo173oGUAkxAJmT3YNTlryI5ou9f6HkUz0QUJQs=' 'sha256-Ssar6UGUztl2jWRWa9ATkJ9GcZkwJoeYDCprhVrPrVQ='; img-src 'self' data: https://www.google-analytics.com https://www.gstatic.com/images/branding/ https://*.googleusercontent.com; default-src 'self'; frame-src 'self' https://storage.googleapis.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; connect-src 'self' https://www.google-analytics.com https://clouderrorreporting.googleapis.com/; object-src 'none'; font-src 'self' https://fonts.gstatic.com; report-uri /csp/report/ |
strict-transport-security | max-age=2592000; includeSubDomains |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
X-Cloud-Trace-Context | dbf36c2509993bcfe2106b156d1802cc |
Vary | Cookie, Accept-Encoding |
Server | Google Frontend |
Cache-Control | private |
Alt-Svc | quic=":443"; ma=2592000; v="39,38,37,35" |
Transfer-Encoding | chunked |