HTTP/1.1 301 Moved Permanently
Server: Sucuri/Cloudproxy
Date: Sat, 23 Oct 2021 23:13:26 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Sucuri-ID: 20030
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: PHPSESSID=e6641a59ab049e499de5a5d33abb8933; expires=Sat, 30-Oct-2021 23:13:26 GMT; Max-Age=604800; path=/; domain=www.roofdepot.co.uk; HttpOnly; SameSite=Lax
Set-Cookie: X-Magento-Vary=c58cc7336841735bf5ef13185766282824a9d073; expires=Sat, 30-Oct-2021 23:13:26 GMT; Max-Age=604800; path=/; HttpOnly; SameSite=Lax
Report-To: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/optagon.report-uri.com\/r\/d\/csp\/reportOnly"}]}
Content-Security-Policy-Report-Only: font-src *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.fontawesome.com use.typekit.net data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com https://seo.mageplaza.com *.cardinalcommerce.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.google.com *.doubleclick.net *.facebook.com account.fetchify.com *.paypal.com vars.hotjar.com *.braintreegateway.com *.kaptcha.com s7.addthis.com assets.pinterest.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com 'self' data: www.google.co.uk *.google.bg *.facebook.com *.facebook.net *.doubleclick.net p.typekit.net www.google.com img.youtube.com bat.bing.com *.amazonaws.com *.paypal.com www.addthis.com log.pinterest.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.google.com *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net maps.googleapis.com use.typekit.net cdnjs.cloudflare.com www.google.com www.gstatic.com js-agent.newrelic.com *.nr-data.net *.youtube.com www.dynamicnumbers.mediahawk.co.uk bat.bing.com *.paypal.com songbirdstag.cardinalcommerce.com s7.addthis.com m.addthis.com v1.addthisedge.com assets.pinterest.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline *.googleapis.com *.doubleclick.net *.facebook.com cc-cdn.com *.fontawesome.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.google-analytics.com *.facebook.com *.facebook.net api.craftyclicks.co.uk pcls1.craftyclicks.co.uk *.nr-data.net www.dynamicnumbers.mediahawk.co.uk www.googleadservices.com www.google.com www.google.co.uk stats.g.doubleclick.net bat.bing.com *.paypal.com *.cardinalcommerce.com m.addthis.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://optagon.report-uri.com/r/d/csp/reportOnly; report-to report-endpoint;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Location: https://www.roofdepot.co.uk/
X-Cache-Via: varnish
X-Host: roofdepot.co.uk
X-Varnish: 164058
X-Cache: MISS
X-Varnish-Age: 0
Pragma: no-cache
Expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-Cache-NxAccel: BYPASS
X-Sucuri-Cache: MISS
HTTP/2 200
server: nginx
date: Sat, 23 Oct 2021 23:13:26 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 20030
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
report-to: {"group":"report-endpoint","max_age":10886400,"endpoints":[{"url":"https:\/\/optagon.report-uri.com\/r\/d\/csp\/reportOnly"}]}
content-security-policy-report-only: font-src *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.fontawesome.com use.typekit.net data: 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com https://seo.mageplaza.com *.cardinalcommerce.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.google.com *.doubleclick.net *.facebook.com account.fetchify.com *.paypal.com vars.hotjar.com *.braintreegateway.com *.kaptcha.com s7.addthis.com assets.pinterest.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com 'self' data: www.google.co.uk *.google.bg *.facebook.com *.facebook.net *.doubleclick.net p.typekit.net www.google.com img.youtube.com bat.bing.com *.amazonaws.com *.paypal.com www.addthis.com log.pinterest.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.google.com *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net maps.googleapis.com use.typekit.net cdnjs.cloudflare.com www.google.com www.gstatic.com js-agent.newrelic.com *.nr-data.net *.youtube.com www.dynamicnumbers.mediahawk.co.uk bat.bing.com *.paypal.com songbirdstag.cardinalcommerce.com s7.addthis.com m.addthis.com v1.addthisedge.com assets.pinterest.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com unsafe-inline *.googleapis.com *.doubleclick.net *.facebook.com cc-cdn.com *.fontawesome.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.google-analytics.com *.facebook.com *.facebook.net api.craftyclicks.co.uk pcls1.craftyclicks.co.uk *.nr-data.net www.dynamicnumbers.mediahawk.co.uk www.googleadservices.com www.google.com www.google.co.uk stats.g.doubleclick.net bat.bing.com *.paypal.com *.cardinalcommerce.com m.addthis.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://optagon.report-uri.com/r/d/csp/reportOnly; report-to report-endpoint;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-cache-via: varnish
x-host: www.roofdepot.co.uk
x-varnish: 819284 32771
x-cache: HIT
x-varnish-age: 13208
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-cache-nxaccel: BYPASS
x-sucuri-cache: MISS
|