bodenheizung-24.de Review
bodenheizung-24.de Review
| Titletag | Descriptiontag | language |
|---|
| Bodenheizung 24 | Elektrische Fußbodenheizungen | |
German |
| Ip adress | 88.198.170.129 | Nameserver | ns1.timmehosting.de
ns3.timmehosting.de
ns2.timmehosting.de |
Status code | 200 |
robots.txt
N/A
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0
Date: Fri, 29 Aug 2025 05:03:31 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://bodenheizung-24.de/
HTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Fri, 29 Aug 2025 05:03:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: PHPSESSID=527795b14487dbe9fa337c58d7d64a2f; expires=Fri, 29 Aug 2025 06:03:33 GMT; Max-Age=3600; path=/; domain=bodenheizung-24.de; secure; SameSite=Lax
Location: https://www.bodenheizung-24.de/
Content-Security-Policy-Report-Only: worker-src 'none'; font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com 'self' data: https://maxcdn.bootstrapcdn.com *.bootstrapcdn.com *.fontawesome.com *.googleapis.com https://fonts.bunny.net *.alothemes.com *.magepow.com https://widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de https://seo.mageplaza.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ *.braintreegateway.com *.paypal.com google.com *.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de 'self' https://js.stripe.com landofcoder.com js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * test.saferpay.com www.saferpay.com saferpay.com https://app-wallee.com www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com *.adobedtm.com *.cloudflare.com *.googleadservices.com *.google-analytics.com cdn.jsdelivr.net www.google.by www.google.ru dsum.casalemedia.com csync.loopme.me *.lesperformads.com https://*.vo.msecnd.net cdn.doofinder.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com magefan.com cm.magefan.com *.disqus.com https://firebasestorage.googleapis.com *.alothemes.com *.magepow.com adservice.google.com *.google.co.uk *.trustedshops.com *.facebook.com *.usercentrics.eu *.bidswitch.net *.ad4m.at *.adnxs.com *.adserver01.de *.adition.com *.adnet.de ad.doubleclick.net dsum-sec.casalemedia.com pixel.rubiconproject.com usync.vrtcal.com cm.adform.net e1.emxdgt.com ad.yieldlab.net *.adcell.com *.converify.com *.omtrdc.net *.demdex.net *.everesttech.net *.magentocommerce.com *.doubleclick.net *.ytimg.com *.validator.swagger.io *.cloudfront.net *.s3.amazonaws.com *.mailchimp.com *.google.com *.braintreegateway.com *.saferpay.com *.app-wallee.com *.xtento.com bodenheizung-24.de ad.360yield.com *.pubmine.com *.sync.1rx.io *.unrulymedia.com https://www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com test.saferpay.com www.saferpay.com saferpay.com https://widgets.trustedshops.com https://widgets-qa.trustedshops.com https://app-wallee.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com *.vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de 'report-sample' 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *.adobedtm.com *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com js.braintreegateway.com assets.braintreegateway.com *.cardinalcommerce.com songbirdstag.cardinalcommerce.com *.cloudflare.com pay.google.com *.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com apis.google.com *.googleapis.com *.googleadservices.com *.gstatic.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ https://www.gstatic.com/recaptcha https://www.google.com/recaptcha *.google.com/ https://maps.googleapis.com/maps/api/js *.instagram.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.paypalobjects.com c.paypal.com *.paypal.com sandbox.paypal.com *.sandbox.paypal.com https://js.stripe.com/v3/ *.stripe.com *.link.com cdn.jsdelivr.net cdn.doofinder.com chimpstatic.com downloads.mailchimp.com *.list-manage.com https://polyfill.io landofcoder.com *.disqus.com *.alothemes.com *.magepow.com *.facebook.net *.usercentrics.eu matomo.bodenheizung-24.de *.adcell.com *.trustedshops.com *.smarketer.de *.ad-srv.net *.ad4m.at ad4m.at *.hyj.mobi *.adnet.de *.twitter.com js.mollie.com test.saferpay.com www.saferpay.com saferpay.com https://widgets.trustedshops.com https://widgets-qa.trustedshops.com https://integrations.etrusted.com https://integrations.etrusted.site https://static-app.connect.trustedshops.com https://static-app.connect-qa.trustedshops.com https://app-wallee.com https://gmtech.mfgroup.ch https://assets.secure.checkout.visa.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com 'report-sample' 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com *.bootstrapcdn.com *.cloudflare.com *.fontawesome.com *.googleapis.com *.gstatic.com cdn.jsdelivr.net *.doofinder.com downloads.mailchimp.com https://fonts.bunny.net *.alothemes.com *.magepow.com *.adnet.de assets.braintreegateway.com https://widgets.trustedshops.com https://static-app.connect.trustedshops.com https://static-app.connect-qa.trustedshops.com https://app-wallee.com 'self' 'unsafe-inline'; object-src landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'self' 'unsafe-inline'; manifest-src 'self' 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de 'self' analytics.optimalpeople.fr *.gsitrix.com *.cloudflare.com 'self' https://maps.googleapis.com *.doofinder.com wss://*.doofinder.com landofcoder.com https://get.geojs.io *.avada.io *.alothemes.com *.magepow.com *.google-analytics.com matomo.bodenheizung-24.de *.usercentrics.eu *.doubleclick.net *.smarketer.de *.adcell.com *.ad4m.at *.trustedshops.com trustbadge.api.etrusted.com *.demdex.net *.omtrdc.net *.googlesyndication.com bodenheizung-24.de api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com test.saferpay.com www.saferpay.com saferpay.com *.etrusted.com https://integrations.etrusted.site https://app-wallee.com https://assets.secure.checkout.visa.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'self' 'unsafe-inline';
Content-Security-Policy: upgrade-insecure-requests;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=edge
X-Magento-Cache-Debug: UNCACHEABLE
Pragma: no-cache
Expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy: frame-ancestors *
X-Frame-Options: ALLOW-FROM *
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 29 Aug 2025 05:03:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Security-Policy-Report-Only: worker-src 'none'; font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com 'self' data: https://maxcdn.bootstrapcdn.com *.bootstrapcdn.com *.fontawesome.com *.googleapis.com https://fonts.bunny.net *.alothemes.com *.magepow.com https://widgets.trustedshops.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de https://seo.mageplaza.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ *.braintreegateway.com *.paypal.com google.com *.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de 'self' https://js.stripe.com landofcoder.com js.mollie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com * test.saferpay.com www.saferpay.com saferpay.com https://app-wallee.com www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.payments-amazon.com *.adobedtm.com *.cloudflare.com *.googleadservices.com *.google-analytics.com cdn.jsdelivr.net www.google.by www.google.ru dsum.casalemedia.com csync.loopme.me *.lesperformads.com https://*.vo.msecnd.net cdn.doofinder.com ebizmarts-website.s3.amazonaws.com downloads.mailchimp.com gallery.mailchimp.com magefan.com cm.magefan.com *.disqus.com https://firebasestorage.googleapis.com *.alothemes.com *.magepow.com adservice.google.com *.google.co.uk *.trustedshops.com *.facebook.com *.usercentrics.eu *.bidswitch.net *.ad4m.at *.adnxs.com *.adserver01.de *.adition.com *.adnet.de ad.doubleclick.net dsum-sec.casalemedia.com pixel.rubiconproject.com usync.vrtcal.com cm.adform.net e1.emxdgt.com ad.yieldlab.net *.adcell.com *.converify.com *.omtrdc.net *.demdex.net *.everesttech.net *.magentocommerce.com *.doubleclick.net *.ytimg.com *.validator.swagger.io *.cloudfront.net *.s3.amazonaws.com *.mailchimp.com *.google.com *.braintreegateway.com *.saferpay.com *.app-wallee.com *.xtento.com bodenheizung-24.de ad.360yield.com *.pubmine.com *.sync.1rx.io *.unrulymedia.com https://www.mollie.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com test.saferpay.com www.saferpay.com saferpay.com https://widgets.trustedshops.com https://widgets-qa.trustedshops.com https://app-wallee.com www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com *.vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de 'report-sample' 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *.adobedtm.com *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com js.braintreegateway.com assets.braintreegateway.com *.cardinalcommerce.com songbirdstag.cardinalcommerce.com *.cloudflare.com pay.google.com *.google-analytics.com https://www.googletagmanager.com *.googletagmanager.com apis.google.com *.googleapis.com *.googleadservices.com *.gstatic.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ https://www.gstatic.com/recaptcha https://www.google.com/recaptcha *.google.com/ https://maps.googleapis.com/maps/api/js *.instagram.com klarna.com *.klarna.com *.klarnacdn.net *.klarnaevt.com *.paypalobjects.com c.paypal.com *.paypal.com sandbox.paypal.com *.sandbox.paypal.com https://js.stripe.com/v3/ *.stripe.com *.link.com cdn.jsdelivr.net cdn.doofinder.com chimpstatic.com downloads.mailchimp.com *.list-manage.com https://polyfill.io landofcoder.com *.disqus.com *.alothemes.com *.magepow.com *.facebook.net *.usercentrics.eu matomo.bodenheizung-24.de *.adcell.com *.trustedshops.com *.smarketer.de *.ad-srv.net *.ad4m.at ad4m.at *.hyj.mobi *.adnet.de *.twitter.com js.mollie.com test.saferpay.com www.saferpay.com saferpay.com https://widgets.trustedshops.com https://widgets-qa.trustedshops.com https://integrations.etrusted.com https://integrations.etrusted.site https://static-app.connect.trustedshops.com https://static-app.connect-qa.trustedshops.com https://app-wallee.com https://gmtech.mfgroup.ch https://assets.secure.checkout.visa.com www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com 'report-sample' 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com *.bootstrapcdn.com *.cloudflare.com *.fontawesome.com *.googleapis.com *.gstatic.com cdn.jsdelivr.net *.doofinder.com downloads.mailchimp.com https://fonts.bunny.net *.alothemes.com *.magepow.com *.adnet.de assets.braintreegateway.com https://widgets.trustedshops.com https://static-app.connect.trustedshops.com https://static-app.connect-qa.trustedshops.com https://app-wallee.com 'self' 'unsafe-inline'; object-src landofcoder.com 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'self' 'unsafe-inline'; manifest-src 'self' 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de 'self' analytics.optimalpeople.fr *.gsitrix.com *.cloudflare.com 'self' https://maps.googleapis.com *.doofinder.com wss://*.doofinder.com landofcoder.com https://get.geojs.io *.avada.io *.alothemes.com *.magepow.com *.google-analytics.com matomo.bodenheizung-24.de *.usercentrics.eu *.doubleclick.net *.smarketer.de *.adcell.com *.ad4m.at *.trustedshops.com trustbadge.api.etrusted.com *.demdex.net *.omtrdc.net *.googlesyndication.com bodenheizung-24.de api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com test.saferpay.com www.saferpay.com saferpay.com *.etrusted.com https://integrations.etrusted.site https://app-wallee.com https://assets.secure.checkout.visa.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' test.saferpay.com www.saferpay.com saferpay.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'self' 'unsafe-inline';
Content-Security-Policy: upgrade-insecure-requests;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
X-UA-Compatible: IE=edge
Content-Encoding: gzip
X-Magento-Cache-Debug: HIT
Grace: none
Pragma: no-cache
Expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Strict-Transport-Security: max-age=31536000;
Content-Security-Policy: frame-ancestors *
X-Frame-Options: ALLOW-FROM *