Server | nginx/1.7.12 |
Content-Type | text/html; charset=utf-8 |
Vary | Accept-Encoding |
Status | 200 OK |
Content-Security-Policy | default-src 'self' https:; connect-src 'self' https: ws://localhost.airbnb.com:8888 http:; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; frame-src *; img-src 'self' https: http: data:; media-src 'self' https:; object-src 'self' https:; script-src 'sha256-2S1zmL0hHGfsnw+rP+m+rBKOma7sejqhykg8DdWFKfU=' 'sha256-e+WZxCf+T3EsxjWDrJZxp6YDUoZRzlAHxJG4rUsY8Zg=' 'self' https: 'unsafe-eval' 'unsafe-inline' http:; style-src 'self' https: 'unsafe-inline' http:; report-uri /tracking/csp?action=guarantee&controller=info&req_uuid=ce714e28-9ef2-4b9a-98b2-73e27d630f69&version=67ec128a5323e8d4afafe227bb5e5e1b666ea9b5; |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
X-Frame-Options | SAMEORIGIN |
X-UA-Compatible | IE=Edge,chrome=1 |
ETag | W/"f3075500524a8c4c06d818b5c74d6fd1" |
Content-Encoding | gzip |
Strict-Transport-Security | max-age=10886400; includeSubdomains |
Cache-Control | public, max-age=43200 |
Connection | keep-alive |