Cache-Control: public, max-age=1172 Content-Security-Policy: default-src 'self' https: blob:; child-src *; connect-src 'self' https: wss: *.amap.com *.inspectlet.com; font-src 'self' data: *.muscache.com fonts.gstatic.com use.typekit.net; img-src 'self' https: data: *.inspectlet.com; media-src 'self' https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' a0.muscache.com cdn.siftscience.com bat.bing.com connect.facebook.net www.google-analytics.com www.googleadservices.com tpc.googlesyndication.com www.googletagmanager.com maps.googleapis.com ajax.googleapis.com app.link cdn.branch.io bam.nr-data.net js-agent.newrelic.com sslwidget.criteo.com static.criteo.net dis.criteo.com widget.us.criteo.com ethn.io a.alipayobjects.com gw.alipayobjects.com cn-ali.muscache.com static.agrant.com.cn t.agrantsem.com z0.muscache.com ditu.google.com blob: webapi.amap.com restapi.amap.com *.inspectlet.com https: 'sha256-/bgBcErzbHm6cxZ0qHzeEA1aDn4GxgLJcfTJtfKMrIo=' 'sha256-1aZz2xWruarTKiry4aNnDwOXl1c6Hc1azXIyyRhb/S0=' 'sha256-rfTud2kTm0UjtJ6PqxcrkglfrUD4H8WCcS9mCs6PJ5s='; style-src 'self' https: 'unsafe-inline'; report-uri /tracking/csp?action=show&controller=homepages&report_only=false&req_uuid=19f653cd-2399-4fd4-a465-81a5bdc4dbf5&version=cd31aa1ec53508bbc924787c2c2917c494c3f589 Content-Type: text/html; charset=utf-8 Date: Thu, 05 Oct 2017 10:33:13 GMT Etag: W/"2602bb1dbdb6e8a4c28865b84bb1f06b" Link: ;rel=preload;as=style,;rel=preload;as=style,;rel=preload;as=style,;rel=preload;as=style,;rel=preload;as=font;type=font/woff2;crossorigin=crossorigin,;rel=preload;as=font;type=font/woff2;crossorigin=crossorigin,;rel=preload;as=font;type=font/woff2;crossorigin=crossorigin,;rel=preload;as=script Server: nginx/1.7.12 Set-Cookie: bev=1507199592_zq%2FNxMyuVvNnXQXa; domain=.airbnb.com; path=/; expires=Sat, 05-Oct-2019 10:33:12 GMT; secure _csrf_token=V4%24.airbnb.com%24LZWT2JUqJRo%24kTYrPBn6mKAjfF4cMUVhgrgpmU50T1ohGyR5HamwE2g%3D; domain=.airbnb.com; path=/; secure _user_attributes=%7B%22curr%22%3A%22CNY%22%2C%22guest_exchange%22%3A6.65269%2C%22device_profiling_session_id%22%3A%221507199593--a329817aac726ea870185996%22%2C%22giftcard_profiling_session_id%22%3A%221507199593--7a485338a47cc0860abd55a3%22%2C%22reservation_profiling_session_id%22%3A%221507199593--b01f4d50c4621b91e563ffa0%22%7D; domain=.airbnb.com; path=/; expires=Sat, 05-Oct-2019 10:33:13 GMT; secure flags=268435456; domain=.airbnb.com; path=/; secure xplwp2=control; expires=Mon, 04-Dec-2017 10:33:13 GMT; path=/; domain=.airbnb.com Status: 200 200 OK Strict-Transport-Security: max-age=10886400; includeSubdomains Vary: Accept-Encoding X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Ua-Compatible: IE=Edge,chrome=1 X-Xss-Protection: 1; mode=block