Cache-Control | no-cache, no-store, must-revalidate |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
Expires | Sun, 07 Aug 2016 12:20:08 GMT |
Last-Modified | Sun, 07 Aug 2016 11:50:08 GMT |
Strict-Transport-Security | max-age=31536000 |
Content-Security-Policy | default-src 'unsafe-inline' 'unsafe-eval' data: *.chloe.com *.chloe.cn *.yoox.biz *.tagcommander.com players.brightcove.net *.brightcove.com secure.gravatar.com seal.geotrust.com sealserver.trustwave.com code.jquery.com *.g.doubleclick.net *.akamaihd.net secure.social.yoox.it scontent.cdninstagram.com www.facebook.com cdnjs.cloudflare.com *.applemusic.com *.typekit.net opengraphprotocol.org ogp.me vjs.zencdn.net engage.commander1.com *.pinterest.com *.online-metrix.net *.d.aa.online-metrix.net googleadservices.com *.googleadservices.com tracker.marinsm.com bs.serving-sys.com s.yimg.jp *.googleapis.com *.gstatic.com *.google.com *.google.it *.google-analytics.com *.api.baidu.com *.baidu.com; frame-ancestors *.chloe.com *.chloe.cn; report-uri https://c2rg5eauc1.execute-api.eu-west-1.amazonaws.com/prod/cspreport |
ORIGIN | etchloe01 |
Pragma | no-cache |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-XSS-Protection | 1; mode=block |
Connection | keep-alive |
Vary | Accept-Encoding |