Accept-Ranges | bytes |
Cache-Control | max-age=3600, public |
Content-Security-Policy | default-src 'self'; connect-src 'self' https://api.oculus.com https://graph.oculus.com; font-src 'self' https://dbvc4uanumi2d.cloudfront.net; frame-src 'self' https://api.oculus.com https://graph.oculus.com https://player.vimeo.com https://www.youtube.com; img-src 'self' https://dbvc4uanumi2d.cloudfront.net https://s3.amazonaws.com https://ssl.google-analytics.com https://connect.facebook.net https://www.facebook.com; media-src 'self' https://player.vimeo.com https://www.youtube.com https://s-static.ak.facebook.com; object-src 'self' https://api.oculus.com https://graph.oculus.com; script-src 'self' https://dbvc4uanumi2d.cloudfront.net https://ssl.google-analytics.com https://connect.facebook.net; style-src 'self' https://dbvc4uanumi2d.cloudfront.net 'unsafe-inline'; |
Content-Type | application/xhtml+xml; charset=UTF-8 |
ETag | "563ba030-387d" |
Expires | Fri, 06 Nov 2015 10:28:07 GMT |
Last-Modified | Thu, 05 Nov 2015 18:30:08 GMT |
Server | nginx |
Strict-Transport-Security | max-age=631138519; includeSubdomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Permitted-Cross-Domain-Policies | master-only |
X-XSS-Protection | 1; mode=block |
Content-Length | 14461 |
Connection | keep-alive |