HTTP/1.1 302 Found
Date: Tue, 15 Mar 2022 09:37:20 GMT
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Location: https://giftcards-just-eat.ch/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inOOCHuBFyEmrhF47IqXnhY2BTBWIVyGK4ZiNNBkvmHZuLfTDWU6kAk4JnA%2BxUNHvtOF3noj4MXxRdPEBCns%2FP8%2BPAf6PAkypMhB8xJtS%2B8nt6EcVjLrkWrInOnE0zWnwBb6L65KDudt5lN3fEwv%2BAVumyc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6ec445158993924d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
HTTP/2 200
date: Tue, 15 Mar 2022 09:37:21 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains
pragma: no-cache
cache-control: max-age=0, must-revalidate, no-cache, no-store
expires: Mon, 15 Mar 2021 09:37:20 GMT
x-magento-tags: FPC
report-to: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/jeepay.report-uri.com\/r\/d\/csp\/reportOnly"}]}
content-security-policy-report-only: font-src https://fonts.gstatic.com http://assets.takeaway.com http://lieferando.de *.fontawesome.com *.yotpo.com *.googleapis.com *.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com https://acs-safekey.americanexpress.com *.arcot.com https://www.securesuite.co.uk https://www.clicksafe.lloydstsb.com https://secure.barclaycard.co.uk https://verifiedbyvisa.barclays.co.uk https://verify.monzo.com https://danskebank-3dsecure.wlp-acs.com https://idcheck.acs.touchtechpayments.com https://aacsw.3ds.verifiedbyvisa.com https://cap.attempts.securecode.com *.wlp-acs.com *.pluscard.de https://3ds-a.live.ext.prod.enfuce.com https://3dsecure-1.wirecard.com https://3dsecure.csas.cz https://acs.airplus.com https://acs.fssnet.co.in https://acs.kbcard.com https://acs.sia.eu https://acs1.3ds.modirum.com *.edb.com/ https://acs1.viseca.ch https://acs2.seb.lv https://acs4.sparebank1.no https://acsabsa.bankserv.co.za https://authentication-acs.marqeta.com https://authentication.cardinalcommerce.com https://authenticationweb.cartoes-itau.com.br https://b2-dw-sdc.enstage-sas.com https://foriseu-vbv.mycardplace.com https://mc-id-check.firstdata.de https://netsafe.hdfcbank.com https://pay.activa-card.com https://secure.axisbank.com https://sicher-bezahlen.sparkasse.at https://www.mycardsecure.com *.touchtechpayments.com https://acs.touch.tech https://sas.redsys.es https://secure.dkb.de *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com assets.braintreegateway.com *.adyen.com cdn.dnky.co webchat.dotdigital.com https://checkoutshopper-test.adyen.com http://fast.amc.demdex.net https://securepay.epayworldwide.com https://www.google.com https://checkoutshopper-live.adyen.com *.arcot.com https://geoissuer.cardinalcommerce.com https://www.securesuite.co.uk https://acs.touch.tech https://danskebank-3ds-vdm.wlp-acs.com https://verify.monzo.com *.yotpo.com 'self' 'unsafe-inline'; img-src data: www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com *.adyen.com https://checkoutshopper-test.adyen.com http://amcglobal.sc.omtrdc.net http://cm.everesttech.net http://metrics.payback.de https://dpm.demdex.net https://checkoutshopper-live.adyen.com *.yotpo.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com *.vimeocdn.com js.braintreegateway.com cdn-scripts.signifyd.com www.youtube.com *.adyen.com r1-t.trackedlink.net r2-t.trackedlink.net r3-t.trackedlink.net r1.trackedweb.net r2.trackedweb.net r3.trackedweb.net static.trackedweb.net cdn.dnky.co api.comapi.com webchat.dotdigital.com https://www.google.com https://www.gstatic.com https://checkoutshopper-test.adyen.com https://cdn.cookielaw.org https://maps.googleapis.com http://c.go-mpulse.net https://geolocation.onetrust.com https://checkoutshopper-live.adyen.com https://lgs9u.csb.app https://stats.epayworldwide.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com cdn.dnky.co webchat.dotdigital.com https://fonts.googleapis.com https://lgs9u.csb.app *.fontawesome.com *.yotpo.com *.googleapis.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com payments.sandbox.braintree-api.com origin-analytics-sand.sandbox.braintree-api.com assets.braintreegateway.com *.adyen.com r1-t.trackedlink.net r2-t.trackedlink.net r3-t.trackedlink.net r1.trackedweb.net r2.trackedweb.net r3.trackedweb.net static.trackedweb.net api.comapi.com webchat.dotdigital.com https://api.getaddress.io http://dpm.demdex.net https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://www.paypal.com https://stats.epayworldwide.com *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://jeepay.report-uri.com/r/d/csp/reportOnly; report-to report-endpoint;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
referrer-policy: no-referrer
feature-policy: geolocation 'self'; vibrate 'none'
set-cookie: PHPSESSID=9l0spcpcrnuarktc6rkin6i5do; expires=Tue, 15-Mar-2022 10:37:20 GMT; Max-Age=3600; path=/; domain=giftcards-just-eat.ch; secure; HttpOnly; SameSite=Lax
set-cookie: ROUTEID=.node1; path=/; HttpOnly; SameSite=strict; secure
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ec445172cbe9259-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|