HTTP/1.1 302 Found
Date: Fri, 22 Oct 2021 17:28:07 GMT
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=p7tol578h4p8ej21p9j4pu17gr; expires=Fri, 22-Oct-2021 18:28:07 GMT; Max-Age=3600; path=/; domain=factory-direct-flooring.co.uk; HttpOnly; SameSite=Lax
Location: https://www.factory-direct-flooring.co.uk/
Report-To: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/factorydirectflooring.report-uri.com\/r\/d\/csp\/reportOnly"}]}
Content-Security-Policy-Report-Only: font-src www.searchanise.com *.sagepay.com *.fontawesome.com *.gstatic.com *.yotpo.com *.googleapis.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com www.searchanise.com syndication.twitter.com platform.twitter.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.sagepay.com *.facebook.com *.arcot.com *.securesuite.co.uk *.mycardsecure.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.facebook.net 'self'; frame-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com assets.braintreegateway.com www.searchanise.com platform.twitter.com syndication.twitter.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.sagepay.com *.google.com *.hotjar.com *.facebook.com *.youtube.com *.addthis.com *.arcot.com *.securesuite.co.uk *.pinterest.com *.mycardsecure.com *.yotpo.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com platform.twitter.com abs.twimg.com pbs.twimg.com ton.twimg.com syndication.twitter.com www.google.com www.google.ru www.searchanise.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.paypal.com *.sagepay.com validate.fishpig.co.uk *.facebook.com *.facebook.net *.bing.com *.pinterest.com *.google.com *.google.co.uk *.gstatic.com *.limely.co.uk *.gravatar.com *.googletagmanager.com *.postcodeanywhere.co.uk *.addthis.com *.factory-direct-flooring.co.uk *.carpetworlduk.co.uk *.yotpo.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com *.vimeocdn.com js.authorize.net jstest.authorize.net js.braintreegateway.com cdn-scripts.signifyd.com www.youtube.com searchanise-ef84.kxcdn.com s3.amazonaws.com ajax.aspnetcdn.com www.searchanise.com static.searchanise.com api.amplitude.com platform.twitter.com cdn.syndication.twimg.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.sagepay.com *.cardinalcommerce.com *.googletagmanager.com *.facebook.net apis.google.com cdn.livechatinc.com *.hotjar.com *.bing.com *.pinimg.com *.pcapredict.com *.postcodeanywhere.co.uk *.pinterest.com *.addthis.com *.addthisedge.com *.gstatic.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com www.searchanise.com searchanise-ef84.kxcdn.com s3.amazonaws.com platform.twitter.com ton.twimg.com *.sagepay.com *.googleapis.com *.postcodeanywhere.co.uk *.gstatic.com *.fontawesome.com *.yotpo.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com payments.sandbox.braintree-api.com origin-analytics-sand.sandbox.braintree-api.com assets.braintreegateway.com api.amplitude.com stats.g.doubleclick.net www.google-analytics.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.paypal.com *.sagepay.com *.google-analytics.com *.cardinalcommerce.com *.googleapis.com *.pinterest.com *.hotjar.com wss://*.hotjar.com wss://*.hotjar.com/ *.hotjar.io *.postcodeanywhere.co.uk *.facebook.com *.doubleclick.net *.bing.com *.addthis.com *.reviews.co.uk *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://factorydirectflooring.report-uri.com/r/d/csp/reportOnly; report-to report-endpoint;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Pragma: no-cache
Expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Server: MageStack-MagentoOS
HTTP/2 200
date: Fri, 22 Oct 2021 13:09:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/factorydirectflooring.report-uri.com\/r\/d\/csp\/reportOnly"}]}
content-security-policy-report-only: font-src www.searchanise.com *.sagepay.com *.fontawesome.com *.gstatic.com *.yotpo.com *.googleapis.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com www.searchanise.com syndication.twitter.com platform.twitter.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.sagepay.com *.facebook.com *.arcot.com *.securesuite.co.uk *.mycardsecure.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.facebook.net 'self'; frame-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com assets.braintreegateway.com www.searchanise.com platform.twitter.com syndication.twitter.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.sagepay.com *.google.com *.hotjar.com *.facebook.com *.youtube.com *.addthis.com *.arcot.com *.securesuite.co.uk *.pinterest.com *.mycardsecure.com *.yotpo.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com platform.twitter.com abs.twimg.com pbs.twimg.com ton.twimg.com syndication.twitter.com www.google.com www.google.ru www.searchanise.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.paypal.com *.sagepay.com validate.fishpig.co.uk *.facebook.com *.facebook.net *.bing.com *.pinterest.com *.google.com *.google.co.uk *.gstatic.com *.limely.co.uk *.gravatar.com *.googletagmanager.com *.postcodeanywhere.co.uk *.addthis.com *.factory-direct-flooring.co.uk *.carpetworlduk.co.uk *.yotpo.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com *.vimeocdn.com js.authorize.net jstest.authorize.net js.braintreegateway.com cdn-scripts.signifyd.com www.youtube.com searchanise-ef84.kxcdn.com s3.amazonaws.com ajax.aspnetcdn.com www.searchanise.com static.searchanise.com api.amplitude.com platform.twitter.com cdn.syndication.twimg.com *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.sagepay.com *.cardinalcommerce.com *.googletagmanager.com *.facebook.net apis.google.com cdn.livechatinc.com *.hotjar.com *.bing.com *.pinimg.com *.pcapredict.com *.postcodeanywhere.co.uk *.pinterest.com *.addthis.com *.addthisedge.com *.gstatic.com *.yotpo.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com www.searchanise.com searchanise-ef84.kxcdn.com s3.amazonaws.com platform.twitter.com ton.twimg.com *.sagepay.com *.googleapis.com *.postcodeanywhere.co.uk *.gstatic.com *.fontawesome.com *.yotpo.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com payments.sandbox.braintree-api.com origin-analytics-sand.sandbox.braintree-api.com assets.braintreegateway.com api.amplitude.com stats.g.doubleclick.net www.google-analytics.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.paypal.com *.sagepay.com *.google-analytics.com *.cardinalcommerce.com *.googleapis.com *.pinterest.com *.hotjar.com wss://*.hotjar.com wss://*.hotjar.com/ *.hotjar.io *.postcodeanywhere.co.uk *.facebook.com *.doubleclick.net *.bing.com *.addthis.com *.reviews.co.uk *.yotpo.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://factorydirectflooring.report-uri.com/r/d/csp/reportOnly; report-to report-endpoint;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
last-modified: Fri, 22 Oct 2021 13:09:46 GMT
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
server: MageStack-MagentoOS
strict-transport-security: max-age=0
|