HTTP/1.1 301 Moved Permanently
Content-length: 0
Location: https://sancta-domenica.hr/
HTTP/2 302
date: Wed, 20 Oct 2021 17:20:45 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=ltbrddgfduetlt9ce6v0g2ii9s; expires=Wed, 20-Oct-2021 18:20:45 GMT; Max-Age=3600; path=/; domain=sancta-domenica.hr; secure; HttpOnly; SameSite=Lax
set-cookie: wp_customerId=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=sancta-domenica.hr; SameSite=Lax
set-cookie: wp_customerGroup=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=sancta-domenica.hr; SameSite=Lax
location: https://www.sancta-domenica.hr/
content-security-policy-report-only: font-src *.fontawesome.com *.helloumi.com *.flixfacts.com *.flixcar.com cdn.sancta-domenica.hr *.esisapp.com data: *.yotpo.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.txpmnts.com *.facebook.com cdn.sancta-domenica.hr *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com landbot.io *.flixcar.com *.facebook.com *.facebook.com/tr *.twitter.com *.google.com *.youtube.com *.youtu.be *.txpmnts.com *.addthis.com *.monri.com cdn.sancta-domenica.hr *.loadbee.com consentcdn.cookiebot.com *.samsung.com *.weltpixel.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.helloumi.com storage.googleapis.com *.flixcar.com *.flix360.com *.twitter.com *.pinterest.com *.news.samsung.com *.moja-trgovina.net *.jwpsrv.com *.samsung.com promocije.sancta-domenica.hr cdn.sancta-domenica.hr *.google.com *.google.de *.facebook.com *.kxcdn.com *.nrholding.net fugajcreative.hr *.doubleclick.net *.google.hr *.webpushr.com *.prismic.io *.esisapp.com *.esisatc.com *.googletagmanager.com *.bosch-home.com *.gstatic.com *.yotpo.com 'self' 'unsafe-inline'; script-src assets.adobedtm.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com www.youtube.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co api.comapi.com webchat.dotdigital.com *.avada.io api.exponea.com *.helloumi.com *.facebook.net *.pinterest.com *.google.com *.twitter.com *.flixfacts.com *.flixcar.com *.loadbee.com *.channelsight.com *.txpmnts.com *.addthis.com *.moatads.com *.addthisedge.com *.gstatic.com *.mailerlite.com *.zdassets.com *.webpushr.com *.zopim.com *.doubleclick.net *.monri.com cdn.sancta-domenica.hr *.adform.net inte.searchnode.io *.esisapp.com *.cookiebot.com *.flix360.io consentcdn.cookiebot.com bam.eu01.nr-data.net *.newrelic.com *.googleapis.com https://www.googletagmanager.com tagmanager.google.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com cdn.dnky.co webchat.dotdigital.com *.fontawesome.com *.flixcar.com *.flixfacts.com fugajcreative.hr static.mailerlite.com cdn.sancta-domenica.hr media.sancta-domenica.hr *.esisapp.com tagmanager.google.com *.yotpo.com *.googleapis.com blob: 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.zdassets.com cdn.sancta-domenica.hr *.youtube.com *.youtu.be 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com api.comapi.com webchat.dotdigital.com *.exponea.com *.addthis.com *.google-analytics.com *.doubleclick.net bot.webpushr.com analytics.webpushr.com *.zdassets.com sanctadomenica.zendesk.com wss://widget-mediator.zopim.com cdn.sancta-domenica.hr *.loadbee.com *.esisapp.com *.google.com bam.eu01.nr-data.net *.cookiebot.com *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.salesmanago.pl *.salesmanago.es *.salesmanago.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-forwarded-proto: https
x-host: sancta-domenica.hr
vary: Accept-Encoding
age: 0
x-magento-cache-debug: MISS
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-security-policy: default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' *.sancta-domenica.hr sancta-domenica.hr *.sancta-domenica.ba sancta-domenica.ba *.samsungshop.hr samsungshop.hr;
x-content-security-policy: default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' *.sancta-domenica.hr sancta-domenica.hr *.sancta-domenica.ba sancta-domenica.ba *.samsungshop.hr samsungshop.hr;
x-webkit-csp: default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' *.sancta-domenica.hr sancta-domenica.hr *.sancta-domenica.ba sancta-domenica.ba *.samsungshop.hr samsungshop.hr;
strict-transport-security: max-age=63072000; includeSubDomains; preload
HTTP/2 200
date: Wed, 20 Oct 2021 17:00:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache-tags: 824,a1a,1b1,3df,098,0c2,f01,c07,d5b,663,51b,7b4,72d,eb3,139,f9f,732,59c,971,129,147,d5e,d57,b52,0a7,bf2,94c,add,34f,6f4,280,3f6,99a,a8d,1a5,bfa,dba,5ae,a17,84c,889,b03,73b,bd7,4de,353,4fb,58d,8c7,1b2,e0f,d2c,d60,785,83d,6f6,699,cc3,723,1a2,423,68a,975,0e5
content-security-policy-report-only: font-src *.fontawesome.com *.helloumi.com *.flixfacts.com *.flixcar.com cdn.sancta-domenica.hr *.esisapp.com data: *.yotpo.com *.googleapis.com *.gstatic.com 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.txpmnts.com *.facebook.com cdn.sancta-domenica.hr *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com landbot.io *.flixcar.com *.facebook.com *.facebook.com/tr *.twitter.com *.google.com *.youtube.com *.youtu.be *.txpmnts.com *.addthis.com *.monri.com cdn.sancta-domenica.hr *.loadbee.com consentcdn.cookiebot.com *.samsung.com *.weltpixel.com *.yotpo.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.helloumi.com storage.googleapis.com *.flixcar.com *.flix360.com *.twitter.com *.pinterest.com *.news.samsung.com *.moja-trgovina.net *.jwpsrv.com *.samsung.com promocije.sancta-domenica.hr cdn.sancta-domenica.hr *.google.com *.google.de *.facebook.com *.kxcdn.com *.nrholding.net fugajcreative.hr *.doubleclick.net *.google.hr *.webpushr.com *.prismic.io *.esisapp.com *.esisatc.com *.googletagmanager.com *.bosch-home.com *.gstatic.com *.yotpo.com 'self' 'unsafe-inline'; script-src assets.adobedtm.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com www.youtube.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co api.comapi.com webchat.dotdigital.com *.avada.io api.exponea.com *.helloumi.com *.facebook.net *.pinterest.com *.google.com *.twitter.com *.flixfacts.com *.flixcar.com *.loadbee.com *.channelsight.com *.txpmnts.com *.addthis.com *.moatads.com *.addthisedge.com *.gstatic.com *.mailerlite.com *.zdassets.com *.webpushr.com *.zopim.com *.doubleclick.net *.monri.com cdn.sancta-domenica.hr *.adform.net inte.searchnode.io *.esisapp.com *.cookiebot.com *.flix360.io consentcdn.cookiebot.com bam.eu01.nr-data.net *.newrelic.com *.googleapis.com https://www.googletagmanager.com tagmanager.google.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com cdn.dnky.co webchat.dotdigital.com *.fontawesome.com *.flixcar.com *.flixfacts.com fugajcreative.hr static.mailerlite.com cdn.sancta-domenica.hr media.sancta-domenica.hr *.esisapp.com tagmanager.google.com *.yotpo.com *.googleapis.com blob: 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.zdassets.com cdn.sancta-domenica.hr *.youtube.com *.youtu.be 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.salesmanago.pl *.salesmanago.es *.salesmanago.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com api.comapi.com webchat.dotdigital.com *.exponea.com *.addthis.com *.google-analytics.com *.doubleclick.net bot.webpushr.com analytics.webpushr.com *.zdassets.com sanctadomenica.zendesk.com wss://widget-mediator.zopim.com cdn.sancta-domenica.hr *.loadbee.com *.esisapp.com *.google.com bam.eu01.nr-data.net *.cookiebot.com *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.salesmanago.pl *.salesmanago.es *.salesmanago.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-forwarded-proto: https
x-host: www.sancta-domenica.hr
age: 1239
x-magento-cache-debug: HIT
grace: none
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-language: bytes
content-security-policy: default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' *.sancta-domenica.hr sancta-domenica.hr *.sancta-domenica.ba sancta-domenica.ba *.samsungshop.hr samsungshop.hr;
x-content-security-policy: default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' *.sancta-domenica.hr sancta-domenica.hr *.sancta-domenica.ba sancta-domenica.ba *.samsungshop.hr samsungshop.hr;
x-webkit-csp: default-src * blob: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' *.sancta-domenica.hr sancta-domenica.hr *.sancta-domenica.ba sancta-domenica.ba *.samsungshop.hr samsungshop.hr;
strict-transport-security: max-age=63072000; includeSubDomains; preload
|