Content-Type | text/html; charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Referrer-Policy | no-referrer-when-downgrade |
Strict-Transport-Security | max-age=15552000 |
Content-Security-Policy | default-src 'self' *.vistana.com; script-src 'self' *.vistana.com maxcdn.bootstrapcdn.com 'unsafe-eval' *.googletagmanager.com 'unsafe-inline' *.google-analytics.com *.googleapis.com *.gstatic.com *.google.com *.facebook.com *.facebook.net *.addthis.com *.addthisedge.com *.vimeo.com *.youtube.com cdnjs.cloudflare.com preferences.truste.com s.w.org aa.agkn.com https://*.salesforceliveagent.com https://*.formstack.com https://vistana-web-static.s3.amazonaws.com https://tag.retargeter.com https://bat.bing.com https://www.googleadservices.com ajax.cloudflare.com https://preferences-mgr.truste.com; style-src 'self' *.vistana.com 'unsafe-inline' *.googleapis.com *.gstatic.com *.google.com maxcdn.bootstrapcdn.com cdnjs.cloudflare.com vistana-web-static.s3.amazonaws.com https://*.formstack.com; img-src 'self' data: https://svo-svn-socialuploads.s3.amazonaws.com *.vistana.com *.trustarc.com *.cloudfront.net *.googletagmanager.com *.google-analytics.com *.googleapis.com *.gstatic.com *.google.com *.facebook.com *.facebook.net *.yimg.com *.ytimg.com *.pinterest.com cdnjs.cloudflare.com http://vistana-web-static.s3.amazonaws.com https://vistana-web-static.s3.amazonaws.com http://vistana-user-profile.s3.amazonaws.com https://vistana-user-profile.s3.amazonaws.com https://vistana-user-profile-qa.s3.amazonaws.com http://vistana-user-profile-qa.s3.amazonaws.com https://scontent.xx.fbcdn.net http://scontent.xx.fbcdn.net stats.g.doubleclick.net https://*.formstack.com https://s3.amazonaws.com https://t.sellpoints.com https://googleads.g.doubleclick.net https://bat.bing.com https://preferences.truste.com https://secure.adnxs.com https://geo-um.btrll.com https://cm.g.doubleclick.net https://*.googleusercontent.com https://*.adnxs.com; font-src 'self' data: *.vistana.com *.googleapis.com *.gstatic.com maxcdn.bootstrapcdn.com cdnjs.cloudflare.com vistana-web-static.s3.amazonaws.com; connect-src 'self' *.vistana.com *.googletagmanager.com *.google-analytics.com *.facebook.net *.addthis.com *.addthisedge.com tag.retargeter.com aa.agkn.com https://svo-svn-socialuploads.s3.amazonaws.com https://secure.adnxs.com; media-src 'self' blob: *.vistana.com *.google.com *.youtube.com *.vimeo.com https://*.vimeocdn.com cdnjs.cloudflare.com https://s3.amazonaws.com; object-src 'self' *.vistana.com; frame-src 'self' *.vistana.com *.trustarc.com *.googletagmanager.com *.google.com *.youtube.com *.vimeo.com *.addthis.com https://www.facebook.com https://preferences-mgr.truste.com; form-action 'self' http://*.vistana.com https://*.vistana.com https://www.facebook.com https://starwoodvo.formstack.com https://*.starwoodhotels.com; frame-ancestors ‘self�� *.vistana.com www.facebook.com; |
CF-Cache-Status | EXPIRED |
Vary | Accept-Encoding |
Expires | Thu, 01 Mar 2018 08:37:56 GMT |
Cache-Control | public, max-age=3600 |
Expect-CT | max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" |
Server | cloudflare |
CF-RAY | 3f49f6098b223fd1-YUL |
Content-Encoding | gzip |