HTTP/1.1 302 Found
Date: Wed, 20 Oct 2021 11:16:15 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Set-Cookie: PHPSESSID=0104656a486719d27c0ca4c63e1746f9; expires=Wed, 20-Oct-2021 23:16:15 GMT; Max-Age=43200; path=/; domain=.credomobile.com; HttpOnly; SameSite=Lax
Location: https://qa10-www.credomobile.com/
Report-To: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/csp-reporting-service.com\/my-project\/endpoint"}]}
Content-Security-Policy-Report-Only: font-src *.cloudflare.com *.cloudfront.net *.credomobile.com *.taboola.com *.pinimg.com *.bing.com *.facebook.com *.fullstory.com *.liadm.com *.pdst.fm *.opmnstr.com *.criteo.net *.paypal.com www.google-analytics.com www.google.com *.doubleclick.net *.gstatic.com *.trustedshops.com *.usercentrics.eu *.hotjar.com *.getletterpress.com *.zendesk.com *.kaptcha.com *.shareasale-analytics.com shareasale-analytics.com *.googletagmanager.com *.shareasale.com *.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.facebook.com 'self' 'unsafe-inline'; frame-ancestors ; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com www.googletagmanager.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.cloudflare.com *.cloudfront.net *.credomobile.com *.taboola.com *.pinimg.com *.bing.com *.facebook.com *.fullstory.com *.liadm.com *.pdst.fm *.opmnstr.com *.criteo.net *.paypal.com www.google-analytics.com www.google.com *.doubleclick.net *.gstatic.com *.trustedshops.com *.usercentrics.eu *.hotjar.com *.getletterpress.com *.zendesk.com *.criteo.com *.kaptcha.com *.shareasale-analytics.com shareasale-analytics.com *.googletagmanager.com *.shareasale.com *.bootstrapcdn.com js.authorize.net jstest.authorize.net accept.authorize.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.cloudflare.com *.cloudfront.net *.credomobile.com *.taboola.com *.pinimg.com *.bing.com *.facebook.com *.fullstory.com *.liadm.com *.pdst.fm *.opmnstr.com *.criteo.net *.agkn.com *.pinterest.com *.paypal.com *.ytimg.com www.google.com *.doubleclick.net *.gstatic.com *.trustedshops.com *.usercentrics.eu *.hotjar.com *.getletterpress.com *.zendesk.com *.kaptcha.com *.shareasale-analytics.com shareasale-analytics.com *.googletagmanager.com *.shareasale.com *.bootstrapcdn.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com www.googletagmanager.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.cloudflare.com *.cloudfront.net *.credomobile.com *.credo.com *.taboola.com *.pinimg.com *.bing.com *.facebook.com *.facebook.net *.fullstory.com *.liadm.com *.pdst.fm *.opmnstr.com *.criteo.net *.criteo.com *.paypal.com *.newrelic.com *.nr-data.net www.google.com *.doubleclick.net *.gstatic.com *.trustedshops.com *.usercentrics.eu *.hotjar.com *.getletterpress.com *.zendesk.com static.zdassets.com *.kaptcha.com *.shareasale.com *.shareasale-analytics.com shareasale-analytics.com *.googletagmanager.com *.bootstrapcdn.com js.authorize.net jstest.authorize.net sandbox-assets.secure.checkout.visa.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.cloudflare.com *.cloudfront.net *.credomobile.com *.taboola.com *.pinimg.com *.bing.com *.facebook.com *.fullstory.com *.liadm.com *.pdst.fm *.opmnstr.com *.criteo.net *.paypal.com www.google-analytics.com www.google.com *.doubleclick.net *.gstatic.com *.trustedshops.com *.usercentrics.eu *.hotjar.com *.getletterpress.com *.zendesk.com *.kaptcha.com *.shareasale-analytics.com shareasale-analytics.com *.googletagmanager.com *.shareasale.com *.bootstrapcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com static.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.cloudflare.com *.cloudfront.net *.credomobile.com *.credo.com *.taboola.com *.pinimg.com *.bing.com *.facebook.com *.fullstory.com *.liadm.com *.pdst.fm *.opmnstr.com *.criteo.net widget-mediator.zopim.com *.zopim.com *.cloudfunctions.net *.omappapi.com wss://widget-mediator.zopim.com *.paypal.com *.nr-data.net www.google.com *.doubleclick.net *.gstatic.com *.pinterest.com *.trustedshops.com *.usercentrics.eu *.hotjar.com *.getletterpress.com *.zendesk.com *.zdassets.com/ credomobilesupport.zendesk.com *.kaptcha.com *.shareasale-analytics.com shareasale-analytics.com *.googletagmanager.com *.shareasale.com *.bootstrapcdn.com js.authorize.net jstest.authorize.net api.authorize.net apitest.authorize.net accept.authorize.net test.authorize.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://csp-reporting-service.com/my-project/endpoint; report-to report-endpoint;
Content-Security-Policy: upgrade-insecure-requests;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Pragma: no-cache
Expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
HTTP/2 200
date: Wed, 20 Oct 2021 11:16:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=ba080895ddf231cb17f037c460c147cc; expires=Wed, 20-Oct-2021 23:16:15 GMT; Max-Age=43200; path=/; domain=.credomobile.com; secure; HttpOnly; SameSite=Lax
report-to: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/csp-reporting-service.com\/my-project\/endpoint"}]}
content-security-policy-report-only: font-src *.cloudflare.com *.cloudfront.net *.credomobile.com *.taboola.com *.pinimg.com *.bing.com *.facebook.com *.fullstory.com *.liadm.com *.pdst.fm *.opmnstr.com *.criteo.net *.paypal.com www.google-analytics.com www.google.com *.doubleclick.net *.gstatic.com *.trustedshops.com *.usercentrics.eu *.hotjar.com *.getletterpress.com *.zendesk.com *.kaptcha.com *.shareasale-analytics.com shareasale-analytics.com *.googletagmanager.com *.shareasale.com *.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.facebook.com 'self' 'unsafe-inline'; frame-ancestors ; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com www.googletagmanager.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.cloudflare.com *.cloudfront.net *.credomobile.com *.taboola.com *.pinimg.com *.bing.com *.facebook.com *.fullstory.com *.liadm.com *.pdst.fm *.opmnstr.com *.criteo.net *.paypal.com www.google-analytics.com www.google.com *.doubleclick.net *.gstatic.com *.trustedshops.com *.usercentrics.eu *.hotjar.com *.getletterpress.com *.zendesk.com *.criteo.com *.kaptcha.com *.shareasale-analytics.com shareasale-analytics.com *.googletagmanager.com *.shareasale.com *.bootstrapcdn.com js.authorize.net jstest.authorize.net accept.authorize.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.cloudflare.com *.cloudfront.net *.credomobile.com *.taboola.com *.pinimg.com *.bing.com *.facebook.com *.fullstory.com *.liadm.com *.pdst.fm *.opmnstr.com *.criteo.net *.agkn.com *.pinterest.com *.paypal.com *.ytimg.com www.google.com *.doubleclick.net *.gstatic.com *.trustedshops.com *.usercentrics.eu *.hotjar.com *.getletterpress.com *.zendesk.com *.kaptcha.com *.shareasale-analytics.com shareasale-analytics.com *.googletagmanager.com *.shareasale.com *.bootstrapcdn.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com www.googletagmanager.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.cloudflare.com *.cloudfront.net *.credomobile.com *.credo.com *.taboola.com *.pinimg.com *.bing.com *.facebook.com *.facebook.net *.fullstory.com *.liadm.com *.pdst.fm *.opmnstr.com *.criteo.net *.criteo.com *.paypal.com *.newrelic.com *.nr-data.net www.google.com *.doubleclick.net *.gstatic.com *.trustedshops.com *.usercentrics.eu *.hotjar.com *.getletterpress.com *.zendesk.com static.zdassets.com *.kaptcha.com *.shareasale.com *.shareasale-analytics.com shareasale-analytics.com *.googletagmanager.com *.bootstrapcdn.com js.authorize.net jstest.authorize.net sandbox-assets.secure.checkout.visa.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.cloudflare.com *.cloudfront.net *.credomobile.com *.taboola.com *.pinimg.com *.bing.com *.facebook.com *.fullstory.com *.liadm.com *.pdst.fm *.opmnstr.com *.criteo.net *.paypal.com www.google-analytics.com www.google.com *.doubleclick.net *.gstatic.com *.trustedshops.com *.usercentrics.eu *.hotjar.com *.getletterpress.com *.zendesk.com *.kaptcha.com *.shareasale-analytics.com shareasale-analytics.com *.googletagmanager.com *.shareasale.com *.bootstrapcdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com static.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.cloudflare.com *.cloudfront.net *.credomobile.com *.credo.com *.taboola.com *.pinimg.com *.bing.com *.facebook.com *.fullstory.com *.liadm.com *.pdst.fm *.opmnstr.com *.criteo.net widget-mediator.zopim.com *.zopim.com *.cloudfunctions.net *.omappapi.com wss://widget-mediator.zopim.com *.paypal.com *.nr-data.net www.google.com *.doubleclick.net *.gstatic.com *.pinterest.com *.trustedshops.com *.usercentrics.eu *.hotjar.com *.getletterpress.com *.zendesk.com *.zdassets.com/ credomobilesupport.zendesk.com *.kaptcha.com *.shareasale-analytics.com shareasale-analytics.com *.googletagmanager.com *.shareasale.com *.bootstrapcdn.com js.authorize.net jstest.authorize.net api.authorize.net apitest.authorize.net accept.authorize.net test.authorize.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://csp-reporting-service.com/my-project/endpoint; report-to report-endpoint;
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie: __cf_bm=cB.UvpL9lrWd7D52523ryqv7qQ3o3ze9n7ZlrN60yvQ-1634728575-0-ATMcTwbDe7RHQ+5ylY2G5enxcfWOb/jl89Vcs/Gjcb789ow/OEu0CwLvWT32+GE3raXFci8p+0GXWL5mYd0ebqI=; path=/; expires=Wed, 20-Oct-21 11:46:15 GMT; domain=.credomobile.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 6a11d53a9d0f4945-STL
|