true
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
GET,OPTIONS,PATCH,DELETE,POST,PUT
*
934158
public, max-age=0, must-revalidate
keep-alive
0
default-src 'self' *.google.com *.google.no *.googleadservices.com adservice.google.de *.g.doubleclick.net *.googlesyndication.com static.sojern.com csi.gstatic.com api.hubapi.com forms.hubspot.com blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.analytics.google.com *.googletagmanager.com *.googleapis.com www.gstatic.com *.google-analytics.com connect.facebook.net *.googletagservices.com *.cookiebot.com *.skyra.no *.mapbox.com www.youtube.com player.vimeo.com *.google.com *.google.no *.googleadservices.com adservice.google.de *.g.doubleclick.net *.googlesyndication.com static.sojern.com csi.gstatic.com api.hubapi.com forms.hubspot.com; script-src-elem 'self' 'unsafe-inline' *.analytics.google.com *.googletagmanager.com *.googleapis.com www.gstatic.com *.google-analytics.com connect.facebook.net *.googletagservices.com *.cookiebot.com *.skyra.no *.mapbox.com www.youtube.com player.vimeo.com *.google.com *.google.no *.googleadservices.com adservice.google.de *.g.doubleclick.net *.googlesyndication.com static.sojern.com csi.gstatic.com api.hubapi.com forms.hubspot.com https://snapsea.fra1.digitaloceanspaces.com/ https://app.snapsea.io/ blob:; connect-src 'self' ws: www.facebook.com www.dalsnibba.no dalsnibba.no *.sanity.io vitals.vercel-insights.com vimeo.com *.hsforms.com *.google.com *.google.no *.googleadservices.com adservice.google.de *.g.doubleclick.net *.googlesyndication.com static.sojern.com csi.gstatic.com api.hubapi.com forms.hubspot.com *.analytics.google.com *.googletagmanager.com *.googleapis.com www.gstatic.com *.google-analytics.com connect.facebook.net *.googletagservices.com *.cookiebot.com *.skyra.no *.mapbox.com; worker-src 'self' blob:; frame-src 'self' www.youtube.com player.vimeo.com *.google.com *.google.no *.googleadservices.com adservice.google.de *.g.doubleclick.net *.googlesyndication.com static.sojern.com csi.gstatic.com api.hubapi.com forms.hubspot.com *.analytics.google.com *.googletagmanager.com *.googleapis.com www.gstatic.com *.google-analytics.com connect.facebook.net *.googletagservices.com *.cookiebot.com *.skyra.no *.mapbox.com https://snapsea.fra1.digitaloceanspaces.com/ https://app.snapsea.io/; img-src 'self' res.cloudinary.com d3qvqlc701gzhm.cloudfront.net *.google.com *.google.no *.googleadservices.com adservice.google.de *.g.doubleclick.net *.googlesyndication.com static.sojern.com csi.gstatic.com api.hubapi.com forms.hubspot.com *.analytics.google.com *.googletagmanager.com *.googleapis.com www.gstatic.com *.google-analytics.com connect.facebook.net *.googletagservices.com *.cookiebot.com *.skyra.no *.mapbox.com data: http: https: blob:; media-src 'self' res.cloudinary.com *.google.com *.google.no *.googleadservices.com adservice.google.de *.g.doubleclick.net *.googlesyndication.com static.sojern.com csi.gstatic.com api.hubapi.com forms.hubspot.com data: http: https:; style-src 'self' 'unsafe-inline' *.mapbox.com *.google.com *.google.no *.googleadservices.com adservice.google.de *.g.doubleclick.net *.googlesyndication.com static.sojern.com csi.gstatic.com api.hubapi.com forms.hubspot.com https://snapsea.fra1.digitaloceanspaces.com/ https://app.snapsea.io/ fonts.googleapis.com www.googletagmanager.com; object-src 'none'; report-uri https://netlifedesign.report-uri.com/r/d/csp/enforce;
text/html; charset=utf-8
Tue, 02 Jan 2024 19:27:40 GMT
"3b69c-JZGFt0gomPI5nNcVTXoulZbFleU"
origin-when-cross-origin
Vercel
max-age=63072000
nosniff
SAMEORIGIN
/en/destinations/[destinationSlug]
MISS
Next.js
index,follow
STALE
dub1::iad1::8qxjh-1705157818626-527ee2bc8add
1; mode=block
|