HTTP/1.1 302 Found
Date: Thu, 21 Oct 2021 19:15:47 GMT
Server: Apache
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Wed, 21 Oct 2020 19:15:47 GMT
Report-To: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/eng.vdc.dev\/csp-report"}]}
Content-Security-Policy: worker-src blob:; font-src *.gstatic.com data: script.hotjar.com *.typography.com *.intercomcdn.com *.cloudfront.net 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.voyado.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com *.youtube.com *.klarna.com big.g.doubleclick.net vars.hotjar.com *.authorize.net *.cardinalcommerce.com *.socialboards.com embedsocial.com *.cookieinformation.com *.ipaper.io *.voyado.com voyado.oculos.no *.doubleclick.net 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com https://cdn.flbx.io data: *.google.com *.google.no *.google.se *.google.fi *.google.ro *.google.pl *.google.dk *.gstatic.com *.google-analytics.com *.googleadservices.com googleads.g.doubleclick.net *.klarna.com *.klarnaevt.com *.hotjar.com *.hotjar.io *.wpcloud.trollweb.no amcglobal.sc.omtrdc.net *.visualwebsiteoptimizer.com *.magentocommerce.com *.paypal.com *.ytimg.com *.googleapis.com *.googletagmanager.com img.youtube.com analytics.sleeknote.com *.google.lt *.cloudfront.net *.ipaper.io *.fbcdn.net *.facebook.com blob: 'self' 'unsafe-inline'; script-src *.assets.adobedtm.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com js.authorize.net jstest.authorize.net www.googleadservices.com www.google-analytics.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com js.braintreegateway.com s.ytimg.com video.google.com *.vimeo.com www.vimeo.com cdn-scripts.signifyd.com www.youtube.com https://cdn.flbx.io https://connect.getflowbox.com http://connect.getflowbox.com *.google.com *.gstatic.com *.google-analytics.com *.googleadservices.com *.doubleclick.net *.klarna.com static.hotjar.com script.hotjar.io *.visualwebsiteoptimizer.com *.trustpilot.com *.cardinalcommerce.com *.includestest.ccdc02.com *.authorize.net *.paypal.com *.ytimg.com *.braintreegateway.com *.signifyd.com *.intercom.io *.sleeknote.com *.googletagmanager.com browser-update.org *.hotjar.com *.facebook.net track.adform.net *.mobelringen.no *.googleapis.com *.socialboards.com *.elfsight.com *.cookieinformation.com embedsocial.com *.adform.net data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com *.gstatic.com *.googleapis.com tagmanager.google.com *.wpcloud.trollweb.no *.typography.com *.getfirebug.com mobelringen.no *.socialboards.com embedsocial.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src data: 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com https://*.amazonaws.com https://cdn.flbx.io https://connect.getflowbox.com http://connect.getflowbox.com *.google-analytics.com *.doubleclick.net *.klarna.com *.klarnaevt.com *.hotjar.com vc.hotjar.io surveystats.hotjar.io wss://*.hotjar.com *.cardinalcommerce.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.elfsight.com *.cookieinformation.com *.googleapis.com *.mapbox.com *.getflowbox.com *.socialboards.com 'self' 'unsafe-inline'; child-src 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://eng.vdc.dev/csp-report; report-to report-endpoint;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: PHPSESSID=7517ijt82c3gfqaceu3cpue9vo; expires=Thu, 21-Oct-2021 20:15:47 GMT; Max-Age=3600; path=/; domain=mobelringen.no; HttpOnly
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Upgrade: h2,h2c
Connection: Upgrade
Location: https://www.mobelringen.no/
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
HTTP/2 200
date: Thu, 21 Oct 2021 19:15:48 GMT
server: Apache
pragma: no-cache
cache-control: max-age=0, must-revalidate, no-cache, no-store
expires: Wed, 21 Oct 2020 15:33:21 GMT
report-to: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/eng.vdc.dev\/csp-report"}]}
content-security-policy: worker-src blob:; font-src *.gstatic.com data: script.hotjar.com *.typography.com *.intercomcdn.com *.cloudfront.net 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.voyado.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com *.youtube.com *.klarna.com big.g.doubleclick.net vars.hotjar.com *.authorize.net *.cardinalcommerce.com *.socialboards.com embedsocial.com *.cookieinformation.com *.ipaper.io *.voyado.com voyado.oculos.no *.doubleclick.net 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com https://cdn.flbx.io data: *.google.com *.google.no *.google.se *.google.fi *.google.ro *.google.pl *.google.dk *.gstatic.com *.google-analytics.com *.googleadservices.com googleads.g.doubleclick.net *.klarna.com *.klarnaevt.com *.hotjar.com *.hotjar.io *.wpcloud.trollweb.no amcglobal.sc.omtrdc.net *.visualwebsiteoptimizer.com *.magentocommerce.com *.paypal.com *.ytimg.com *.googleapis.com *.googletagmanager.com img.youtube.com analytics.sleeknote.com *.google.lt *.cloudfront.net *.ipaper.io *.fbcdn.net *.facebook.com blob: 'self' 'unsafe-inline'; script-src *.assets.adobedtm.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com js.authorize.net jstest.authorize.net www.googleadservices.com www.google-analytics.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com js.braintreegateway.com s.ytimg.com video.google.com *.vimeo.com www.vimeo.com cdn-scripts.signifyd.com www.youtube.com https://cdn.flbx.io https://connect.getflowbox.com http://connect.getflowbox.com *.google.com *.gstatic.com *.google-analytics.com *.googleadservices.com *.doubleclick.net *.klarna.com static.hotjar.com script.hotjar.io *.visualwebsiteoptimizer.com *.trustpilot.com *.cardinalcommerce.com *.includestest.ccdc02.com *.authorize.net *.paypal.com *.ytimg.com *.braintreegateway.com *.signifyd.com *.intercom.io *.sleeknote.com *.googletagmanager.com browser-update.org *.hotjar.com *.facebook.net track.adform.net *.mobelringen.no *.googleapis.com *.socialboards.com *.elfsight.com *.cookieinformation.com embedsocial.com *.adform.net data: blob: 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com *.gstatic.com *.googleapis.com tagmanager.google.com *.wpcloud.trollweb.no *.typography.com *.getfirebug.com mobelringen.no *.socialboards.com embedsocial.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src data: 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com https://*.amazonaws.com https://cdn.flbx.io https://connect.getflowbox.com http://connect.getflowbox.com *.google-analytics.com *.doubleclick.net *.klarna.com *.klarnaevt.com *.hotjar.com vc.hotjar.io surveystats.hotjar.io wss://*.hotjar.com *.cardinalcommerce.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.elfsight.com *.cookieinformation.com *.googleapis.com *.mapbox.com *.getflowbox.com *.socialboards.com 'self' 'unsafe-inline'; child-src 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://eng.vdc.dev/csp-report; report-to report-endpoint;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
set-cookie: PHPSESSID=7aorhd3pemh0og2bj7ct921fkn; expires=Thu, 21-Oct-2021 20:15:48 GMT; Max-Age=3600; path=/; domain=www.mobelringen.no; secure; HttpOnly
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-max-age: 1000
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 219980
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
|