HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 21 Oct 2021 20:39:21 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://ouropal.com:443/
HTTP/2 302
date: Thu, 21 Oct 2021 20:39:21 GMT
content-type: text/html; charset=utf-8
content-length: 81
location: https://ouropal.com/login
HTTP/2 301
date: Thu, 21 Oct 2021 20:39:21 GMT
content-type: text/html
location: https://login.ouropal.com/roadblock?requested_path=%2Flogin&requested_subdomain=
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://*.ouropal.com
access-control-max-age: 1728000
cache-control: no-cache
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ouropal.com *.nr-data.net *.mixpanel.com *.pendo.io *.instana.io *.totango.com *.typeform.com *.zendesk.com *.fullstory.com *.opalstaticassets.com *.ouropal.com *.cloudfront.net translate.google.com *.googleapis.com *.intercom.io *.intercomcdn.com; style-src 'self' data: 'unsafe-inline' *.ouropal.com *.nr-data.net *.mixpanel.com *.pendo.io *.totango.com *.typeform.com *.zendesk.com *.fullstory.com *.opalstaticassets.com *.ouropal.com *.cloudfront.net *.intercomcdn.com *.gstatic.com translate.google.com *.googleapis.com; img-src 'self' data: *.ouropal.com *.nr-data.net *.mixpanel.com *.pendo.io *.instana.io *.totango.com *.typeform.com *.zendesk.com *.fullstory.com *.opalstaticassets.com *.ouropal.com *.cloudfront.net *.intercomcdn.com *.gstatic.com translate.google.com *.googleapis.com *.app.box.com *.cloudinary.com *.s3.amazonaws.com *.zencoder.com *.workwithopal.com *.embed.ly; font-src 'self' data: *.intercomcdn.com *.gstatic.com; connect-src 'self' *.ouropal.com ws://*.ouropal.com *.nr-data.net *.mixpanel.com wss://*.intercom.io *.intercom.io *.pendo.io *.instana.io pendo-io-extensions.storage.googleapis.com *.totango.com *.typeform.com *.zendesk.com *.fullstory.com *.app.box.com *.cloudinary.com *.zencoder.com *.workwithopal.com *.embed.ly *.s3.amazonaws.com; media-src 'self' *.app.box.com *.cloudinary.com *.s3.amazonaws.com *.zencoder.com cloudinary-cdn.workwithopal.com i.embed.ly; frame-src 'self' *.ouropal.com workwithopal.app.box.com pendo-io-extensions.storage.googleapis.com app.pendo.io; object-src 'self'; frame-ancestors 'self' *.ouropal.com; report-uri /log/csp_violation
origin-agent-cluster: ?1
set-cookie: __opal_session=SzZQOHR1VTJCTVdXVmJiMVhTajlsQ1lyT3Q1ZU00aEZCckh5ODVBNnR1UHh5eEpnVVlEdXJOZFREOGZDakNtOExaQ0kvQ2JQSkxGak1QbFN3cGZVVVE9PS0tbW05T3RyZUUzRGVCbHd6dXVZek1lZz09--d7d5e612304d233ab2c7bb57421db00b63c4ed1f; path=/; secure; HttpOnly; SameSite=Lax
status: 301 Moved Permanently
strict-transport-security: max-age=31557600; includeSubDomains; preload
vary: Accept-Encoding,Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-instana-s: 553cb0a2c8dc5ec
x-instana-t: 677cb2b66b749ed
x-permitted-cross-domain-policies: none
x-request-id: 0263e71e-da32-488f-8e3e-c657d20116f0
x-xss-protection: 1; mode=block
HTTP/2 200
date: Thu, 21 Oct 2021 20:39:22 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://*.ouropal.com
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' *.ouropal.com *.nr-data.net *.mixpanel.com *.pendo.io *.instana.io *.totango.com *.typeform.com *.zendesk.com *.fullstory.com *.opalstaticassets.com *.ouropal.com *.cloudfront.net translate.google.com *.googleapis.com *.intercom.io *.intercomcdn.com; style-src 'self' data: 'unsafe-inline' *.ouropal.com *.nr-data.net *.mixpanel.com *.pendo.io *.totango.com *.typeform.com *.zendesk.com *.fullstory.com *.opalstaticassets.com *.ouropal.com *.cloudfront.net *.intercomcdn.com *.gstatic.com translate.google.com *.googleapis.com; img-src 'self' data: *.ouropal.com *.nr-data.net *.mixpanel.com *.pendo.io *.instana.io *.totango.com *.typeform.com *.zendesk.com *.fullstory.com *.opalstaticassets.com *.ouropal.com *.cloudfront.net *.intercomcdn.com *.gstatic.com translate.google.com *.googleapis.com *.app.box.com *.cloudinary.com *.s3.amazonaws.com *.zencoder.com *.workwithopal.com *.embed.ly; font-src 'self' data: *.intercomcdn.com *.gstatic.com; connect-src 'self' *.ouropal.com ws://*.ouropal.com *.nr-data.net *.mixpanel.com wss://*.intercom.io *.intercom.io *.pendo.io *.instana.io pendo-io-extensions.storage.googleapis.com *.totango.com *.typeform.com *.zendesk.com *.fullstory.com *.app.box.com *.cloudinary.com *.zencoder.com *.workwithopal.com *.embed.ly *.s3.amazonaws.com; media-src 'self' *.app.box.com *.cloudinary.com *.s3.amazonaws.com *.zencoder.com cloudinary-cdn.workwithopal.com i.embed.ly; frame-src 'self' *.ouropal.com workwithopal.app.box.com pendo-io-extensions.storage.googleapis.com app.pendo.io; object-src 'self'; frame-ancestors 'self' *.ouropal.com; report-uri /log/csp_violation
etag: W/"d1c6c6b01e9f9e75b6f896a606cb40f1"
origin-agent-cluster: ?1
set-cookie: __opal_session=T1Y3Z2ZoWkltc2hkeVcwMm1BeUVQSDNPTGp3aWdXRVhHeDZLd0ZKVXFCbkF4SWMwL2VyNEZHZGZuamZuUk5nRjR4eFFtRDdndCsyaVNlTGhUWG1CdXBMWGhsazVSS1lDYk9BaXRjK3ZaUFMzYlI1TG5aY2luZ3Z5UzdkWVFCWXFNQjBnYWhYTjdLY240OERRb3F4NGw5RGNKZnlSSGxIZWVhdnhVdVJoNFRpZ0xGVHR2TlZlb3JMNmFscmtWVkx5LS02VVpvcm50UWhQVExqaUhqSDBLVG5BPT0%3D--432b35f042ad643ce702935e54b67601b13d367a; path=/; secure; HttpOnly; SameSite=Lax
status: 200 OK
strict-transport-security: max-age=31557600; includeSubDomains; preload
vary: Accept-Encoding,Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-instana-s: 79b12b696b54c954
x-instana-t: 6d3f78fe200f5d5d
x-permitted-cross-domain-policies: none
x-request-id: 1cc0e7f8-5084-4720-b71c-a153b5df3708
x-xss-protection: 1; mode=block
|