HTTP/1.1 302 Found Date: Sun, 20 Oct 2019 20:03:48 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Content-Security-Policy: default-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.applysq.com cdn.applysquare.net ana.applysquare.com pingjs.qq.com hm.baidu.com *.map.baidu.com *.map.bdimg.com res.wx.qq.com s13.cnzz.com c.cnzz.com cdn.bootcss.com cdn.staticfile.org static.bcedocument.com img.baidu.com doc.baidubce.com static.exp.bcedocument.com *.google-analytics.com *.google.com maps.gstatic.com *.amap.com *.googleapis.com *.bootstrapcdn.com *.cloudflare.com cdn.applysquare.net/a2/lib assets-cli.s2.udesk.cn 1372979.s2.udesk.cn basevistor.s2.udesk.cn js.intercomcdn.com widget.intercom.io; style-src 'self' 'unsafe-inline' 1372979.s2.udesk.cn static.bcedocument.com img.baidu.com doc.baidubce.com static.exp.bcedocument.com cdn.applysq.com cdn.applysquare.net cdn.staticfile.org cdn.bootcss.com *.amap.com *.googleapis.com *.bootstrapcdn.com *.cloudflare.com cdn.applysquare.net/a2/lib; font-src * data:; img-src * data: blob:; connect-src * data: Location: /ceping-cn/gaokao-score Server: a2 server Vary: Cookie X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block Strict-Transport-Security: max-age=31536000