HTTP/1.1 308 Permanent Redirect
Date: Fri, 17 Dec 2021 08:39:20 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Location: http://www.bluemovement.de/
HTTP/1.1 301 Moved Permanently
Date: Fri, 17 Dec 2021 08:39:20 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 68
Connection: keep-alive
Content-Security-Policy: default-src 'self' *.ctfassets.net *.contentful.com https://api.bluemovement.nl;frame-src 'self' data.bluemovement.com *.trustpilot.com *.freshchat.com *.stripe.com *.youtube.com *.cookiebot.com *.doubleclick.net *.pagesense.io *.googletagmanager.com *.googleapis.com *.facebook.com *.surveymonkey.com *.loadbee.com;script-src 'self' data.bluemovement.com *.stripe.com *.trustpilot.com *.freshchat.com *.newrelic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.cookiebot.com *.facebook.net 'unsafe-eval' *.nr-data.net *.wisernotify.com *.pagesense.io *.bing.com *.doubleclick.net *.zohocdn.com 'unsafe-inline' *.surveymonkey.com;script-src-elem 'self' data.bluemovement.com *.stripe.com *.trustpilot.com *.freshchat.com *.newrelic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.cookiebot.com *.facebook.net 'unsafe-eval' *.nr-data.net *.wisernotify.com *.pagesense.io *.bing.com *.doubleclick.net *.zohocdn.com 'unsafe-inline' *.surveymonkey.com *.outbrain.com *.pinimg.com *.taboola.com *.loadbee.com;connect-src 'self' *.cookiebot.com *.wisermapp.com *.bluemovement.com *.google-analytics.com *.nr-data.net *.google.com *.doubleclick.net *.zoho.eu https://api.bluemovement.nl *.contentful.com *.bing.com *.surveymonkey.com *.loadbee.com;font-src 'self' https: data:;img-src 'self' https: data: http:;style-src 'self' https: 'unsafe-inline';object-src 'none';frame-ancestors 'self' *.contentful.com;upgrade-insecure-requests
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Access-Control-Allow-Origin: *
Location: https://www.bluemovement.com/de-de
Vary: Accept, Accept-Encoding
HTTP/1.1 200 OK
Date: Fri, 17 Dec 2021 08:39:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 4205784
Connection: keep-alive
Vary: Accept-Encoding
Content-Security-Policy: default-src 'self' *.ctfassets.net *.contentful.com https://api.bluemovement.nl;frame-src 'self' data.bluemovement.com *.trustpilot.com *.freshchat.com *.stripe.com *.youtube.com *.cookiebot.com *.doubleclick.net *.pagesense.io *.googletagmanager.com *.googleapis.com *.facebook.com *.surveymonkey.com *.loadbee.com;script-src 'self' data.bluemovement.com *.stripe.com *.trustpilot.com *.freshchat.com *.newrelic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.cookiebot.com *.facebook.net 'unsafe-eval' *.nr-data.net *.wisernotify.com *.pagesense.io *.bing.com *.doubleclick.net *.zohocdn.com 'unsafe-inline' *.surveymonkey.com;script-src-elem 'self' data.bluemovement.com *.stripe.com *.trustpilot.com *.freshchat.com *.newrelic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.googleapis.com *.cookiebot.com *.facebook.net 'unsafe-eval' *.nr-data.net *.wisernotify.com *.pagesense.io *.bing.com *.doubleclick.net *.zohocdn.com 'unsafe-inline' *.surveymonkey.com *.outbrain.com *.pinimg.com *.taboola.com *.loadbee.com;connect-src 'self' *.cookiebot.com *.wisermapp.com *.bluemovement.com *.google-analytics.com *.nr-data.net *.google.com *.doubleclick.net *.zoho.eu https://api.bluemovement.nl *.contentful.com *.bing.com *.surveymonkey.com *.loadbee.com;font-src 'self' https: data:;img-src 'self' https: data: http:;style-src 'self' https: 'unsafe-inline';object-src 'none';frame-ancestors 'self' *.contentful.com;upgrade-insecure-requests
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-Powered-By: Next.js
ETag: "402cd8-piPkD9kz8Nd01JcG8zQCn0aKBUY"
Vary: Accept-Encoding
|