HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Fri, 17 Oct 2025 19:44:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 22837
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=vthj7h9e2uj61h9lslmpt720l3; expires=Sat, 18 Apr 2026 07:44:28 GMT; Max-Age=15768000; path=/; domain=.nuk.de; secure; HttpOnly; SameSite=Lax
Set-Cookie: X-Magento-Vary=93bcab819d9a752763151f3f9753bd027b0c4b943a3af0d08373f59ecc5e4528; expires=Sat, 18 Apr 2026 07:44:29 GMT; Max-Age=15768000; path=/; secure; HttpOnly; SameSite=Lax
Login-Required: true
Content-Security-Policy-Report-Only: font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com *.googleapis.com *.fontawesome.com d1w350bl4wlonm.cloudfront.net d8mmzo4dbge7k.cloudfront.net drevs12goudzk.cloudfront.net d2zjb5saaoidg0.cloudfront.net d1bj2pk3s4epo2.cloudfront.net d12kmzq5k6k6i9.cloudfront.net d3o0jgwii26u89.cloudfront.net nuk.de applepay.cdn-apple.com cdnjs.cloudflare.com/ 'self' data: https://widgets.trustedshops.com https://integrations.etrusted.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com api.bazaarvoice.com stg.api.bazaarvoice.com oppwa.com *.oppwa.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ *.braintreegateway.com *.paypal.com google.com *.google.com www.google.com *.awin1.com *.zenaps.com *.fls.doubleclick.net display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com https://www.googletagmanager.com/ configurator.nuk.de pay.google.com applepay.cdn-apple.com cmp.osano.com match.adsrvr.org hal9000.redintelligence.net insight.adsrvr.org ad.ad-srv.net d.c.cdnsrv.de surveymonkey.com www.surveymonkey.com secure.novalnet.de customers.barzahlen.de customers-sandbox.barzahlen.de oppwa.com *.oppwa.com data:text 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com p.typekit.net *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.googleapis.com www.gstatic.com *.awin1.com *.zenaps.com display.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com network-a.bazaarvoice.com network-stg-a.bazaarvoice.com photos-uat-us.bazaarvoice.com img.youtube.com http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ https://www.google.com/ magefan.com cm.magefan.com d1w350bl4wlonm.cloudfront.net d8mmzo4dbge7k.cloudfront.net drevs12goudzk.cloudfront.net d2zjb5saaoidg0.cloudfront.net d1bj2pk3s4epo2.cloudfront.net d12kmzq5k6k6i9.cloudfront.net d3o0jgwii26u89.cloudfront.net display-stg.ugc.bazaarvoice.com network-eu-stg-a.bazaarvoice.com network-eu-a.bazaarvoice.com nuk.de cdn.pixabay.com maps.googleapis.com ad.doubleclick.net t.uimserv.net maps.gstatic.com lantern.roeye.com pagead2.googlesyndication.com https://api.mapbox.com oppwa.com *.oppwa.com 'self' data: https://widgets.trustedshops.com https://integrations.etrusted.com data: 'self' 'unsafe-inline'; script-src googleads.g.doubleclick.net www.googleadservices.com google-analytics.com analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.adobedtm.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net *.typekit.net google.com *.google.com *.cdn-apple.com *.googleapis.com *.gstatic.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ *.awin1.com www.dwin1.com *.zenaps.com https://the.sciencebehindecommerce.com apps.bazaarvoice.com apps.nexus.bazaarvoice.com apps-stg.nexus.bazaarvoice.com analytics-static.ugc.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com display.ugc.bazaarvoice.com api.bazaarvoice.com stg.api.bazaarvoice.com mpsnare.iesnare.com widget.freshworks.com m2epro.freshdesk.com http://www.googletagmanager.com/ https://www.googletagmanager.com/ d1w350bl4wlonm.cloudfront.net d8mmzo4dbge7k.cloudfront.net drevs12goudzk.cloudfront.net d2zjb5saaoidg0.cloudfront.net d1bj2pk3s4epo2.cloudfront.net d12kmzq5k6k6i 9.cloudfront.net d3o0jgwii26u89.cloudfront.net mapagmbh.germany-2.evergage.com cdn.evgnet.com/ network-eu-stg-a.bazaarvoice.com network-eu-a.bazaarvoice.com facebook.net facebook.com etracker.com etracker.de nuk.de maps.googleapis.com cmp.osano.com newell.piwik.pro tm.ad-srv.net s.uicdn.com connect.facebook.net cdn.mookie1.com acdn.adnxs.com js.adsrvr.org r.df-srv.de d.c.cdnsrv.de widget.surveymonkey.com ajax.googleapis.com lantern.roeye.com cdn.novalnet.de cdn.barzahlen.de *.oppwa.com oppwa.com https://widgets.trustedshops.com https://integrations.etrusted.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com display.ugc.bazaarvoice.com widget.freshworks.com m2epro.freshdesk.com *.fontawesome.com d1w350bl4wlonm.cloudfront.net d8mmzo4dbge7k.cloudfront.net drevs12goudzk.cloudfront.net d2zjb5saaoidg0.cloudfront.net d1bj2pk3s4epo2.cloudfront.net d12kmzq5k6k6i9.cloudfront.net d3o0jgwii26u89.cloudfront.net nuk.de cdnjs.cloudflare.com/ oppwa.com *.oppwa.com *.googleapis.com *.gstatic.com https://widgets.trustedshops.com https://integrations.etrusted.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src www.googleadservices.com www.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.adobe.io performance.typekit.net *.sentry.io *.paypal.com google.com *.google.com *.googleapis.com https://the.sciencebehindecommerce.com api.bazaarvoice.com stg.api.bazaarvoice.com apps.bazaarvoice.com network.bazaarvoice.com network-stg.bazaarvoice.com widget.freshworks.com m2epro.freshdesk.com http://stats.g.doubleclick.net/ https://stats.g.doubleclick.net/ http://www.google-analytics.com/ https://www.google-analytics.com/ d1w350bl4wlonm.cloudfront.net d8mmzo4dbge7k.cloudfront.net drevs12goudzk.cloudfront.net d2zjb5saaoidg0.cloudfront.net d1bj2pk3s4epo2.cloudfront.net d12kmzq5k6k6i9.cloudfront.net d3o0jgwii26u89.cloudfront.net nuk.de secure.novalnet.de maps.googleapis.com newell.piwik.pro www.google.com googleads.g.doubleclick.net mapagmbh.germany-2.evergage.com www.wepowerconnections.com cmp.osano.com bat.bing.com/ lantern.roeye.com pagead2.googlesyndication.com oppwa.com *.oppwa.com autocomplete2.postdirekt.de *.google-analytics.com *.trustedshops.com *.etrusted.com 'self' 'unsafe-inline'; child-src *.awin1.com *.zenaps.com http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mo