X-XSS-Protection: 1; mode=block
HTTP/1.1 200 OK
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Origin: *.88sao.tv
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 27 Jun 2017 18:38:01 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS
Date: Tue, 27 Jun 2017 18:38:29 GMT
Server: nginx
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' ws://ws.88sao.tv http://88sao.tv http://*.88sao.tv http://88sao.vn http://*.8sao.vn https://connect.facebook.net http://connect.facebook.net https://www.facebook.com http://www.google-analytics.com https://fonts.googleapis.com https://fonts.gstatic.com http://img.sumeme.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.vn https://www.google-analytics.com http://www.googletagmanager.com https://googleads.g.doubleclick.net https://googleads.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://88sao.tv http://*.88sao.tv http://88sao.vn http://*.8sao.vn https://connect.facebook.net http://connect.facebook.net https://www.facebook.com http://www.google-analytics.com https://fonts.googleapis.com https://fonts.gstatic.com http://img.sumeme.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.vn https://www.google-analytics.com http://www.googletagmanager.com https://googleads.g.doubleclick.net https://googleads.g.doubleclick.net; img-src 'self' data: about: http://88sao.tv http://*.88sao.tv http://88sao.vn http://*.8sao.vn https://connect.facebook.net http://connect.facebook.net https://www.facebook.com http://www.google-analytics.com https://fonts.googleapis.com https://fonts.gstatic.com http://img.sumeme.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.vn https://www.google-analytics.com http://www.googletagmanager.com https://googleads.g.doubleclick.net https://googleads.g.doubleclick.net; style-src 'self' 'unsafe-inline' 'unsafe-eval' http://88sao.tv http://*.88sao.tv http://88sao.vn http://*.8sao.vn https://connect.facebook.net http://connect.facebook.net https://www.facebook.com http://www.google-analytics.com https://fonts.googleapis.com https://fonts.gstatic.com http://img.sumeme.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.vn https://www.google-analytics.com http://www.googletagmanager.com https://googleads.g.doubleclick.net https://googleads.g.doubleclick.net; font-src 'self' 'unsafe-inline' 'unsafe-eval' http://88sao.tv http://*.88sao.tv http://88sao.vn http://*.8sao.vn https://connect.facebook.net http://connect.facebook.net https://www.facebook.com http://www.google-analytics.com https://fonts.googleapis.com https://fonts.gstatic.com http://img.sumeme.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.vn https://www.google-analytics.com http://www.googletagmanager.com https://googleads.g.doubleclick.net https://googleads.g.doubleclick.net; child-src 'self' 'unsafe-inline' 'unsafe-eval' http://88sao.tv http://*.88sao.tv http://88sao.vn http://*.8sao.vn https://connect.facebook.net http://connect.facebook.net https://www.facebook.com http://www.google-analytics.com https://fonts.googleapis.com https://fonts.gstatic.com http://img.sumeme.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.vn https://www.google-analytics.com http://www.googletagmanager.com https://googleads.g.doubleclick.net https://googleads.g.doubleclick.net; object-src 'self' 'unsafe-inline' 'unsafe-eval' http://88sao.tv http://*.88sao.tv http://88sao.vn http://*.8sao.vn https://connect.facebook.net http://connect.facebook.net https://www.facebook.com http://www.google-analytics.com https://fonts.googleapis.com https://fonts.gstatic.com http://img.sumeme.com https://stats.g.doubleclick.net https://www.google.com https://www.google.com.vn https://www.google-analytics.com http://www.googletagmanager.com https://googleads.g.doubleclick.net https://googleads.g.doubleclick.net; frame-ancestors 'self'
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Vary: Accept-Encoding