Content-Security-Policy: script-src 'self' *.googleanalytics.com *.google-analytics.com ajax.googleapis.com www.google.com *.doubleclick.net; default-src 'self' *.gstatic.com; img-src 'self' data: s.ytimg.com *.googleusercontent.com *.gstatic.com *.google-analytics.com www.google.com *.doubleclick.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.gstatic.com *.googleapis.com; frame-src 'self' www.google.com www.youtube.com accounts.google.com apis.google.com plus.google.com; connect-src 'self' plus.google.com www.google-analytics.com services.google.com; font-src 'self' data: themes.googleusercontent.com *.gstatic.com; report-uri /csp/report/
x-content-type-options: nosniff
Date: Mon, 02 Oct 2017 05:10:35 GMT
Content-Length: 30593
Vary: Cookie
x-frame-options: DENY
Expires: Mon, 02 Oct 2017 05:10:35 GMT
HTTP/1.1 200 OK
Cache-Control: max-age=600
strict-transport-security: max-age=2592000; includeSubDomains
Server: Google Frontend
Last-Modified: Mon, 02 Oct 2017 05:01:16 GMT
X-Cloud-Trace-Context: 4ce02bd4d9fa7478649f29f9ac3319e7
Content-Type: text/html; charset=utf-8
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Set-Cookie: anoncsrf=9f0DIFlKSHByJEoJ3OuVK9B94ootp13H; expires=Mon, 02-Oct-2017 07:10:35 GMT; httponly; Max-Age=7200; Path=/; secure
x-xss-protection: 1; mode=block