Cache-Control | no-cache, no-store, must-revalidate |
Pragma | no-cache |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
Expires | -1 |
Vary | Accept-Encoding |
Strict-Transport-Security | max-age=15768000; includeSubDomains; preload |
X-Frame-Options | ALLOW-FROM SAMEDOMAIN |
X-XSS-Protection | 1; mode=block |
X-Content-Type-Options | nosniff |
Content-Security-Policy | style-src 'self' 'unsafe-inline' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; object-src 'self' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; img-src 'self' data: https://s3.amazonaws.com https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; media-src 'self' data: https://s3.amazonaws.com https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; font-src 'self' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; |
X-Content-Security-Policy | style-src 'self' 'unsafe-inline' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; object-src 'self' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; img-src 'self' data: https://s3.amazonaws.com https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; media-src 'self' data: https://s3.amazonaws.com https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; font-src 'self' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; |
X-WebKit-CSP | style-src 'self' 'unsafe-inline' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; object-src 'self' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; img-src 'self' data: https://s3.amazonaws.com https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; media-src 'self' data: https://s3.amazonaws.com https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; font-src 'self' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; connect-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; default-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.credimejora.com https://stats.g.doubleclick.net https://csi.gstatic.com/ https://www.google-analytics.com https://ajax.googleapis.com https://maps.google.com https://www.googletagmanager.com https://ssl.mousestats.com https://widget.intercom.io https://api-ping.intercom.io https://api-iam.intercom.io https://js.intercomcdn.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io ; |