HTTP/1.1 200 OK
Date: Mon, 29 Apr 2024 09:57:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: PHPSESSID=7q9v0nddgqpdj1bjltp3guhcmj; expires=Mon, 29-Apr-2024 13:57:53 GMT; Max-Age=14400; path=/; domain=staging.cutwel.co.uk; secure; HttpOnly; SameSite=Lax
x-built-with: Hyva Themes
content-security-policy-report-only: font-src *.hotjar.com *.klevu.com *.typekit.net *.sagepay.com *.globalpay.com https://fonts.gstatic.com maxcdn.bootstrapcdn.com *.ksearchnet.com *.gstatic.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.hotjar.com *.facebook.net *.facebook.com *.sagepay.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors *.bolt.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.googletagmanager.com *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.bolt.com https://www.google.com/recaptcha/ *.google.com/ *.hotjar.com *.youtube.com *.addthis.com *.trustpilot.com *.facebook.net *.facebook.com *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com *.sagepay.com account.fetchify.com *.americanexpress.com *.globalpay.com *.mastercard.com *.visa.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.klevu.com *.doubleclick.net *.bing.com *.google.com *.google.co.uk *.cutwel.co.uk https://images.unsplash.com *.trackedlink.net *.paypal.com *.sagepay.com ebizmarts-website.s3.amazonaws.com *.globalpay.com *.facebook.com *.googleadservices.com *.google-analytics.com *.googletagmanager.com *.ksearchnet.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com *.bolt.com *.commerce-quick-checkout.com http://localhost:8082 https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.google.com *.gstatic.com *.googletagmanager.com *.hotjar.com *.zdassets.com *.trackedlink.net *.addthis.com *.klevu.com *.trustpilot.com *.moatads.com *.addthisedge.com *.googleadservices.com *.doubleclick.net *.tctm.co *.bing.com *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com *.sagepay.com *.aexp-static.com https://ajax.aspnetcdn.com *.globalpay.com *.gpapiservices.com connect.facebook.net *.google-analytics.com js.klevu.com *.ksearchnet.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.myfonts.net *.klevu.com *.typekit.net *.googleapis.com cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com *.sagepay.com cc-cdn.com https://fonts.googleapis.com maxcdn.bootstrapcdn.com *.ksearchnet.com unsafe-inline assets.braintreegateway.com *.trustpilot.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.bolt.com *.hotjar.com *.hotjar.io *.zdassets.com *.zopim.com *.doubleclick.net *.google-analytics.com *.tctm.co *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com webchat.staging.dotdigital.com *.paypal.com *.sagepay.com api.craftyclicks.co.uk pcls1.craftyclicks.co.uk *.analytics.google.com *.googletagmanager.com stats.g.doubleclick.net *.klevu.com *.ksearchnet.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.cardinalcommerce.com *.google.com google.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: MISS
pragma: no-cache
expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87be6e2a3dc89840-SJC
alt-svc: h3=":443"; ma=86400
SSL Certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:2e:0b:42:36:f5:67:2e:39:17:c6:f6:2e:07:d3:44:da:73
Signature Algorithm: ecdsa-with-SHA384
Issuer: C=US, O=Let's Encrypt, CN=E1
Validity
Not Before: Apr 4 04:57:41 2024 GMT
Not After : Jul 3 04:57:40 2024 GMT
Subject: CN=cutwel.co.uk
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:1c:29:62:22:69:e2:ff:6a:81:56:32:e6:da:1e:
67:96:a5:b1:a8:fb:25:8e:d0:9a:c1:b7:95:0d:3a:
e1:57:73:26:70:72:63:24:69:7c:13:4e:d0:cb:e5:
b4:f3:72:f6:17:72:cd:b7:7e:14:17:02:68:5c:84:
82:52:ae:c2:f8
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
97:33:C3:91:0C:83:4D:A4:45:F0:37:DE:67:5A:79:87:6F:63:8F:A2
X509v3 Authority Key Identifier:
5A:F3:ED:2B:FC:36:C2:37:79:B9:52:30:EA:54:6F:CF:55:CB:2E:AC
Authority Information Access:
OCSP - URI:http://e1.o.lencr.org
CA Issuers - URI:http://e1.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:*.cutwel.co.uk, DNS:cutwel.co.uk
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
Timestamp : Apr 4 05:57:41.435 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:4E:73:E8:76:E6:0D:97:9E:42:F0:9D:5C:
77:8B:EC:A8:14:BA:E3:A0:E2:28:79:F7:F5:4D:88:BD:
B4:35:89:F1:02:20:54:3F:F9:A7:B2:6A:BB:9F:FB:64:
AE:F0:A7:2C:56:7B:C6:F6:58:87:69:6A:41:F9:FD:6F:
2E:C3:64:D1:E7:99
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
Timestamp : Apr 4 05:57:41.642 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:5F:5D:E0:7F:4E:67:E5:0E:6A:E2:09:B0:
55:8F:D4:BC:03:83:4C:0C:B3:38:19:05:7F:2D:30:8F:
5C:71:34:9C:02:20:6C:18:42:C7:52:C5:52:7A:8A:E6:
FA:A0:42:41:A9:EF:08:23:28:3F:A5:80:F0:14:17:1B:
54:18:43:49:48:97
Signature Algorithm: ecdsa-with-SHA384
Signature Value:
30:64:02:30:55:83:6a:14:c8:02:6b:b1:24:3b:b4:39:60:29:
28:b3:21:67:e8:dc:c3:fe:67:db:3d:c0:7d:cc:45:26:79:fd:
18:6c:35:70:33:4c:ff:ae:fe:5a:8a:56:81:92:89:47:02:30:
0d:b4:8e:05:ff:c8:d5:d4:2e:7d:a0:b5:5b:05:7c:53:d8:f9:
3f:a3:c5:07:13:14:a0:c3:bb:47:24:75:35:c2:af:96:91:2d:
0b:31:0e:0f:6a:72:1b:20:05:cf:d9:a8