HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 17 Jan 2022 08:50:26 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://heckenonline.at/
HTTP/2 302
server: nginx
date: Mon, 17 Jan 2022 08:50:26 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=4n1vf47cnn8anpc9aui2skd14i; expires=Mon, 17-Jan-2022 09:50:26 GMT; Max-Age=3600; path=/; domain=heckenonline.at; secure; HttpOnly
location: https://www.heckenonline.at/
content-security-policy-report-only: font-src maxcdn.bootstrapcdn.com *.googleapis.com *.gstatic.com *.trustedshops.com 'self' 'unsafe-inline'; form-action 'self' 'unsafe-inline'; frame-ancestors 'self' 'unsafe-inline'; frame-src www.paypal.com www.sandbox.paypal.com *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com *.google.com *.google.com/recaptcha/ *.adyen.com *.youtube.com *.hotjar.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com www.googleadservices.com www.google-analytics.com *.google-analytics.com *.google.com/ads/ *.google.nl/ads/ *.adyen.com *.doubleclick.net *.datatrics.com *.facebook.com *.google.com *.google.nl 'self' data: 'self' 'unsafe-inline'; script-src www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com www.youtube.com www.googleadservices.com www.google-analytics.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co webchat.dotdigital.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.google.com/recaptcha/ *.trustedshops.com cdn.jsdelivr.net/npm/ *.adyen.com *.hotjar.com *.datatrics.com *.facebook.net *.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com cdn.dnky.co webchat.dotdigital.com maxcdn.bootstrapcdn.com *.googleapis.com *.gstatic.com *.trustedshops.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com *.google-analytics.com *.doubleclick.net *.trustedshops.com *.hotjar.com *.datatrics.com 'self' 'unsafe-inline'; child-src 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-encoding: gzip
vary: Accept-Encoding
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-security-policy: upgrade-insecure-requests
x-ua-compatible: IE=Edge
HTTP/2 200
server: nginx
date: Mon, 17 Jan 2022 08:50:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
vary: Accept-Encoding
content-security-policy-report-only: font-src maxcdn.bootstrapcdn.com *.googleapis.com *.gstatic.com *.trustedshops.com 'self' 'unsafe-inline'; form-action 'self' 'unsafe-inline'; frame-ancestors 'self' 'unsafe-inline'; frame-src www.paypal.com www.sandbox.paypal.com *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com *.google.com *.google.com/recaptcha/ *.adyen.com *.youtube.com *.hotjar.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com www.googleadservices.com www.google-analytics.com *.google-analytics.com *.google.com/ads/ *.google.nl/ads/ *.adyen.com *.doubleclick.net *.datatrics.com *.facebook.com *.google.com *.google.nl 'self' data: 'self' 'unsafe-inline'; script-src www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com www.youtube.com www.googleadservices.com www.google-analytics.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co webchat.dotdigital.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.google.com/recaptcha/ *.trustedshops.com cdn.jsdelivr.net/npm/ *.adyen.com *.hotjar.com *.datatrics.com *.facebook.net *.doubleclick.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com cdn.dnky.co webchat.dotdigital.com maxcdn.bootstrapcdn.com *.googleapis.com *.gstatic.com *.trustedshops.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com *.google-analytics.com *.doubleclick.net *.trustedshops.com *.hotjar.com *.datatrics.com 'self' 'unsafe-inline'; child-src 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-security-policy: upgrade-insecure-requests
x-ua-compatible: IE=Edge
|