HTTP/1.1 302 Found
Date: Tue, 01 Oct 2024 12:49:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.24.0
X-Powered-By: PHP/8.2.22
Set-Cookie: PHPSESSID=f4514mns4lidlfh92t8pp05nrt; expires=Tue, 01 Oct 2024 22:49:30 GMT; Max-Age=36000; path=/; domain=54.74.243.250; HttpOnly; SameSite=Lax
Location: https://www246.qa.europris.no/
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Sun, 01 Oct 2023 12:49:30 GMT
Report-To: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/eng.vdc.dev\/csp-report"}]}
Content-Security-Policy: font-src *.gstatic.com data: script.hotjar.com static.lipscore.com *.klarnacdn.net 'self' data: *.hotjar.com *.hotjar.io *.zmags.com *.googleapis.com *.europris.no data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com facebook.com *.facebook.com *.facebook.net *.snapchat.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com player.vimeo.com https://www.google.com/recaptcha/ *.klarna.com big.g.doubleclick.net vars.hotjar.com optimize.google.com *.charpstar.net *.google.com *.adsrvr.org *.snapchat.com *.facebook.com *.jsdelivr.net *.hotjar.com *.europris.no *.hotjar.io *.zmags.com candidate.hr-manager.net tpc.googlesyndication.com *.doubleclick.net europris.leadfamly.com static.itxuc.com policy.app.cookieinformation.com europris.campaign.playable.com www.linkedin.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.google.com *.google.no *.google.se *.google.fi *.google.ro *.google.pl *.google.dk *.gstatic.com *.google-analytics.com *.googleadservices.com *.klarna.com *.klarnaevt.com *.hotjar.com *.hotjar.io *.googletagmanager.com *.hsforms.net *.hsforms.com static.lipscore.com blob: img.youtube.com *.klarnacdn.net *.klarnaservices.com 'self' data: charpstar.se *.googleapis.com *.zmags.com *.europris.no *.google.lt *.google.sk *.google.ie *.google.es *.google.nl *.google.fr *.doubleclick.net *.facebook.com *.facebook.net ep-campaign-images.temalogic.com gen.sendtric.com *.googlesyndication.com gtm-w4pzjrn-njm2m.uc.r.appspot.com *.bing.com *.streamify.io *.clarity.ms *.linkedin.com *.licdn.com *.ads.licdn.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.google.com *.gstatic.com *.google-analytics.com *.googleanalytics.com *.googleadservices.com *.googleoptimize.com *.doubleclick.net *.klarna.com static.hotjar.com script.hotjar.io *.hsforms.net *.hsforms.com static.lipscore.com *.klarnacdn.net *.klarnaservices.com *.charpstar.net *.googleapis.com *.zmags.com c.z-analytics.net *.googletagmanager.com *.hotjar.com *.hotjar.io *.facebook.net *.jsdelivr.net *.adsrvr.org sc-static.net *.adform.net *.europris.no *.googlesyndication.com services.itxuc.com policy.app.cookieinformation.com gtm-w4pzjrn-njm2m.uc.r.appspot.com *.bing.com *.clarity.ms *.zma.gs ipmeta.io *.ipmeta.io *.albacross.com *.streamify.io *.snapchat.com *.lunio.ai client.prod.mplat-ppcprotect.com click.prod.mplat-ppcprotect.com demoapp-api.bloomreach.com api-engagement.bloomreach.com api.exponea.com api.eu1.exponea.com europris.campaign.playable.com cdn-engagement.bloomreach.com snap.licdn.com static-exp1.licdn.com content.linkedin.com platform.linkedin.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.gstatic.com *.googleapis.com *.google.com static.lipscore.com *.klarnacdn.net *.zmags.com *.europris.no *.googletagmanager.com www.google-analytics.com *.google-analytics.com gtm-w4pzjrn-njm2m.uc.r.appspot.com *.streamify.io *.zma.gs *.licdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com data: *.streamify.io blob: media.linkedin.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com *.google-analytics.com *.doubleclick.net *.klarna.com *.klarnaevt.com *.hotjar.com vc.hotjar.io surveystats.hotjar.io wss://*.hotjar.com *.google.com *.googleapis.com t.elasticsuite.io *.hsforms.net *.hsforms.com wapi.lipscore.com users.lipscore.com https://app.getsentry.com *.klarnaservices.com *.charpstar.net europris.ingest.z-analytics.net *.zmags.com *.hotjar.io *.europris.no *.facebook.com *.lunio.ai client.prod.mplat-ppcprotect.com click.prod.mplat-ppcprotect.com *.snapchat.com *.googlesyndication.com *.cookieinformation.com *.clarity.ms *.streamify.io wss://*.streamify.io *.zma.gs ipmeta.io *.ipmeta.io *.albacross.com *.googletagmanager.com no-europris-saas1.collector.snplow.net demoapp-api.bloomreach.com api-engagement.bloomreach.com api.exponea.com api.eu1.exponea.com europris.campaign.playable.com cdn-engagement.bloomreach.com *.linkedin.com *.licdn.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://eng.vdc.dev/csp-report; report-to report-endpoint;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN