P3p: CP="Not used"
CF-RAY: 37772e5d9d742360-FRA
Transfer-Encoding: chunked
X-Request-Id: 5523862f-2a84-455a-8ebd-257387c7178c
X-Runtime: 0.042154
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Date: Sat, 01 Jul 2017 06:06:45 GMT
X-Permitted-Cross-Domain-Policies: none
Vary: Origin,Accept-Encoding
X-Download-Options: noopen
HTTP/1.1 200 OK
Connection: keep-alive
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: _postco_session=S3VOZkN0V1VEWXNzaDVFZjFWYllPVWZTWTI1VFU1UVRLdHZ3NUlrYis1cWl4Ri83OUZLeEJwNGN0dUFGSjAxY2V2K0pHR2JwZzhCRno0YUtzUGx4R0tLS0FnZ3pwemRKL2RmYlZ6MjZhQUd5TkIzM2dSR2JicVhNblVsNVNkWHRWSlJJay85SjhwQTZqVjlUU0dBM1BRPT0tLVNpcmthbkJZbE1UYWNnNUFRRWRmZXc9PQ%3D%3D--92646867938a67e3db2f3873c3897557e43ccfd7; path=/; secure; HttpOnly
Server: cloudflare-nginx
Set-Cookie: __cfduid=d3aff8b4fe312db98db2d20a4d145d1a81498889205; expires=Sun, 01-Jul-18 06:06:45 GMT; path=/; domain=.postco.com.my; HttpOnly
Strict-Transport-Security: max-age=631138519
X-Xss-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Content-Security-Policy: default-src 'self'; connect-src *; font-src 'self' data: *.gstatic.com *.crisp.im; frame-src 'self' *.hotjar.com *.braintreegateway.com *.google.com; img-src 'self' data: *.amazonaws.com *.gstatic.com *.cloudflare.com *.googleapis.com *.crisp.im *.facebook.com *.google-analytics.com *.google.com *.googletagmanager.com heapanalytics.com stats.g.doubleclick.net sumo.com; media-src 'self' *.crisp.im *.amazonaws.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.crisp.im *.facebook.net *.google-analytics.com *.hotjar.com *.heapanalytics.com *.braintreegateway.com load.sumome.com sumome-140a.kxcdn.com cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' *.googleapis.com *.cloudflare.com *.crisp.im sumome-140a.kxcdn.com
Via: 1.1 vegur