| server: |
nginx/1.23.4 |
| date: |
Thu, 10 Oct 2024 15:54:32 GMT |
| content-type: |
text/html; charset=UTF-8 |
| content-length: |
218471 |
| connection: |
close |
| vary: |
Accept-Encoding |
| report-to: |
{"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/relaxdays.com\/_csp_report_"}]} |
| content-security-policy-report-only: |
font-src *.fontawesome.com *.relaxdays.com *.gstatic.com *.trustami.com *.stripe.com *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com 'self' data: data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * www.facebook.com ct.pinterest.com 'self' 'unsafe-inline'; frame-ancestors *.stripe.com stripe.com *.link.com 'self'; frame-src www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * cdn.consentmanager.net www.google.com tpc.googlesyndication.com www.youtube.com youtube.com www.facebook.com ct.pinterest.com www.pinterest.com www.pinterest.de *.sibforms.com sibautomation.com www.paypalobjects.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com cdn.consentmanager.net *.delivery.consentmanager.net delivery.consentmanager.net www.it-recht-kanzlei.de *.relaxdays.com i.pinimg.com log.pinterest.com www.pinterest.com ct.pinterest.com *.g.doubleclick.net *.googleadservices.com www.google.com www.google.de www.google.ch www.google.at www.google.es www.google.it www.google.nl www.google.pl www.google.be www.google.sk www.google.pt www.google.fr www.google.dk www.google.se www.google.co.uk www.google.bg www.google.cz www.google.ee www.google.gr www.google.hu www.google.lv www.google.lt www.google.lu www.google.ro www.google.si www.google.ie www.google.hr www.google.fi www.google.com.mt www.google.com.cy www.google-analytics.com www.googletagmanager.com *.gstatic.com *.googleusercontent.com www.facebook.com connect.facebook.com *.cloudfront.net *.bing.com analytics.tiktok.com alb.reddit.com www.datenschutz.net *.trustami.com *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de https://*.billie.io/ js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com cdn.consentmanager.net *.delivery.consentmanager.net delivery.consentmanager.net *.relaxdays.com assets.pinterest.com widgets.pinterest.com ct.pinterest.com s.pinimg.com www.googletagmanager.com tagmanager.google.com www.google.com www.googleadservices.com www.google-analytics.com www.gstatic.com www.google.de www.google.ch www.google.at www.google.es www.google.it www.google.nl www.google.pl www.google.be www.google.sk www.google.pt www.google.fr www.google.dk www.google.se www.google.co.uk www.google.bg www.google.cz www.google.ee www.google.gr www.google.hu www.google.lv www.google.lt www.google.lu www.google.ro www.google.si www.google.ie www.google.hr www.google.fi connect.facebook.net googleads.g.doubleclick.net tpc.googlesyndication.com bat.bing.com analytics.tiktok.com sibautomation.com *.sendinblue.com www.redditstatic.com *.hotjar.com *.trustami.com *.stripe.com *.stripe.network *.stripecdn.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com *.hsforms.net *.hsforms.com *.google.com *.gstatic.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src https://*.billie.io/ *.fontawesome.com unsafe-inline assets.braintreegateway.com *.relaxdays.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.stripe.network *.stripecdn.com 'self' 'unsafe-inline'; object-src *.relaxdays.com 'self' 'unsafe-inline'; media-src *.relaxdays.com 'self' 'unsafe-inline'; manifest-src *.relaxdays.com 'self' 'unsafe-inline'; connect-src www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de https://*.billie.io/ api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com *.google.com google.com blob: delivery.consentmanager.net *.relaxdays.com www.google-analytics.com www.googletagmanager.com adservice.google.com stats.g.doubleclick.net *.g.doubleclick.net www.googleadservices.com pagead2.googlesyndication.com www.google.com www.google.de www.google.ch www.google.at www.google.es www.google.it www.google.nl www.google.pl www.google.be www.google.sk www.google.pt www.google.fr www.google.dk www.google.se www.google.co.uk www.google.bg www.google.cz www.google.ee www.google.gr www.google.hu www.google.lv www.google.lt www.google.lu www.google.ro www.google.si www.google.ie www.google.hr www.google.fi www.facebook.com log.pinterest.com www.pinterest.com ct.pinterest.com bat.bing.com analytics.tiktok.com *.sendinblue.com in-automate.brevo.com *.hotjar.com wss://ws.hotjar.com *.hotjar.io analytics.pangle-ads.com *.stripe.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.link.com t.elasticsuite.io *.hsforms.net *.hsforms.com *.google-analytics.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://relaxdays.com/_csp_report_; report-to report-endpoint; |
| strict-transport-security: |
max-age=31536000 |
| content-security-policy: |
upgrade-insecure-requests; |
| x-content-type-options: |
nosniff |
| x-xss-protection: |
1; mode=block |
| x-frame-options: |
SAMEORIGIN |
| page-type: |
cms_index_index |
| x-host: |
php-slow |
| store-code: |
de_de |
| age: |
1930 |
| accept-ranges: |
bytes |
| x-cache: |
HIT |
| grace: |
none |
| pragma: |
no-cache |
| expires: |
-1 |
| cache-control: |
no-store, no-cache, must-revalidate, max-age=0 |
| set-cookie: |
quid=7f2dfbb0-5972-d8ed-5975-27e9508dfaae;secure=1;priority=high;expires=Fri, 10 Oct 2025 15:54:32 GMT;path=/; |
| quid: |
7f2dfbb0-5972-d8ed-5975-27e9508dfaae |
| access-control-allow-origin: |
relaxdays.de |
| access-control-allow-credentials: |
true |
| access-control-allow-methods: |
GET, POST, PUT, DELETE, OPTIONS, PATCH |
| access-control-allow-headers: |
Store,Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Content-Length |
