Content-Security-Policy | base-uri 'none'; object-src 'none'; img-src 'self' www.google-analytics.com www.google.com www.google.co.jp maps.googleapis.com maps.gstatic.com lh3.googleusercontent.com *.gstatic.com *.google-analytics.com img.youtube.com *.doubleclick.net data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/js/google.js www.googleadservices.com *.doubleclick.net www.google.co.jp maps.googleapis.com *.googleapis.com apis.google.com https://www.google-analytics.com www.google.com www.google.co.jp/analytics.js https://www.google.com/js/gweb/analytics/autotrack.js https://www.googletagmanager.com https://tagmanager.google.com https://ssl.google-analytics.com/ga.js *.gstatic.com www.google.com www.youtube.com *.ytimg.com; |
Strict-Transport-Security | max-age=2592000; includeSubdomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-XSS-Protection | 1; mode=block |
Expires | Wed, 15 Nov 2017 13:00:29 GMT |
ETag | "Arwwiw" |
X-Cloud-Trace-Context | 390f96b90645dbd042beb15678ff7ec5;o=1 |
Content-Type | text/html |
Content-Encoding | gzip |
Server | Google Frontend |
Cache-Control | public, max-age=600 |
Age | 1 |
Alt-Svc | quic=":443"; ma=2592000; v="41,39,38,37,35" |