| date: |
Fri, 04 Oct 2024 23:54:57 GMT |
| content-type: |
text/html; charset=UTF-8 |
| transfer-encoding: |
chunked |
| connection: |
close |
| set-cookie: |
PHPSESSID=hr6vhkjrk5um4na9tjhfs3anmf; expires=Sat, 05-Oct-2024 09:54:57 GMT; Max-Age=36000; path=/; domain=www.barbour.com; secure; HttpOnly; SameSite=Lax,X-Magento-Vary=3e79d5602b3a06368ea5a0e70bc15b7124ab712f; expires=Sat, 05-Oct-2024 09:54:57 GMT; Max-Age=36000; path=/; secure; HttpOnly; SameSite=Lax |
| pragma: |
no-cache |
| cache-control: |
max-age=0, must-revalidate, no-cache, no-store |
| expires: |
Wed, 04 Oct 2023 12:04:51 GMT |
| content-security-policy-report-only: |
font-src fonts.gstatic.com use.typekit.net *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com https://fonts.gstatic.com yotpo-stool.s3.amazonaws.com *.cloudflare.com *.googleapis.com www.google-analytics.com *.gstatic.com *.twitter.com *.typekit.net *.twimg.com *.yotpo.com 'self' data: *.bounceexchange.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.bounceexchange.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com *.barbour.com *.jbs-uat.com admin.barbour.com 'self'; frame-src fast.amc.demdex.net secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com www.googletagmanager.com *.adyen.com *.sharethis.com *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com www.google.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com *.twitter.com *.youtube.com *.hotjar.com *.hotjar.io *.vimeo.com *.google.com *.paypal.com *.bounceexchange.com *.doubleclick.net *.pinterest.com *.facebook.com *.yotpo.com *.addthis.com *.dotmailer-surveys.com *.barbour.com *.jbs-uat.com admin.barbour.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net widgets.magentocommerce.com 'unsafe-inline' data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com p.typekit.net s.ytimg.com *.adyen.com *.sharethis.com *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com https://maps.gstatic.com https://maps.googleapis.com https://www.google.by *.google-analytics.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.postcodeanywhere.co.uk *.cloudflare.com *.google.com *.google.co.uk maps.gstatic.com *.googleadservices.com *.googleapis.com *.yotpo.com yotpo-stool.s3.amazonaws.com https://yotpo-editor-production.s3.amazonaws.com *.doubleclick.net *.curalate.com wf1.mywebdata.co.uk *.bounceexchange.com *.bouncex.net *.paypal.com *.ytimg.com *.facebook.com *.facebook.net *.fbcdn.net *.klarna.com *.twitter.com *.twimg.com *.lightemporium.com *.usercentrics.eu *.barbour.com *.jbs-uat.com admin.barbour.com *.pinterest.com *.unpkg.com *.qubitproducts.com *.qubit.com *.gstatic.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; script-src assets.adobedtm.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.paypalobjects.com js.braintreegateway.com www.paypal.com www.sandbox.paypal.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com *.vimeocdn.com www.googletagmanager.com amcglobal.sc.omtrdc.net *.magento-ds.com use.typekit.net www.youtube.com *.adyen.com *.sharethis.com *.exponea.com api.uk.exponea.com *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ https://maps.googleapis.com https://ct.pinterest.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co api.comapi.com webchat.dotdigital.com *.postcodeanywhere.co.uk *.bugherd.com *.cloudflare.com *.pcapredict.com acsbapp.com *.cloudflareinsights.com analytics.tiktok.com *.google.com *.gstatic.com *.google-analytics.com *.twimg.com *.paypal.com *.googletagmanager.com *.googleapis.com *.twitter.com *.yotpo.com js-agent.newrelic.com *.nr-data.net *.doubleclick.net *.hotjar.com *.hotjar.io www.bugherd.com *.iubenda.com *.iesnare.com *.newrelic.com s.pinimg.com wf1.mywebdata.co.uk *.pingdom.net *.bounceexchange.com *.curalate.com *.goqubit.com js.facebook.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.addthis.com *.moatads.com *.addthisedge.com *.dotmailer-surveys.com *.klarnaservices.com *.barbour.com *.jbs-uat.com admin.barbour.com 'unsafe-inline' data: *.bing.com *.wknd.ai https://www.googletagmanager.com tagmanager.google.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src fonts.googleapis.com getfirebug.com *.sharethis.com *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com https://fonts.googleapis.com cdn.dnky.co webchat.dotdigital.com *.cloudflare.com *.google.com *.gstatic.com *.google-analytics.com *.googleapis.com 'unsafe-inline' data: *.twitter.com *.typekit.net *.yotpo.com *.twimg.com *.postcodeanywhere.co.uk *.bounceexchange.com *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.klarnacdn.net *.barbour.com *.jbs-uat.com admin.barbour.com *.unpkg.com *.qubitproducts.com tagmanager.google.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.iesnare.com *.cdnwidget.com *.barbour.com *.jbs-uat.com admin.barbour.com *.pinterest.com data: 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.sandbox.paypal.com *.adobe.io performance.typekit.net *.adyen.com *.sharethis.com *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com https://maps.googleapis.com www.apptrian.com facebook.com www.facebook.com connect.facebook.net graph.facebook.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com api.comapi.com webchat.dotdigital.com *.postcodeanywhere.co.uk *.acsbapp.com *.cloudflare.com *.google-analytics.com *.google.com *.googlesyndication.com *.twitter.com *.paypal.com *.twimg.com *.yotpo.com *.nr-data.net *.doubleclick.net analytics.tiktok.com *.hotjar.com *.hotjar.io wss://mpsnare.iesnare.com *.mpsnare.iesnare.com *.iubenda.com *.curalate.com *.qubit.com *.pingdom.net *.qubitproducts.com *.pinterest.com *.facebook.com *.barbour.com *.jbs-uat.com admin.barbour.com *.unpkg.com *.bouncex.net *.bounceexchange.com *.cdnwidget.com *.cdnbasket.net https://www.google-analytics.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src *.salesforce-sites.com *.salesforce.com *.force.com *.salesforceliveagent.com *.bounceexchange.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; |
| x-content-type-options: |
nosniff |
| x-xss-protection: |
1; mode=block |
| x-frame-options: |
SAMEORIGIN |
| vary: |
Accept-Encoding |
| x-served-by: |
ip-172-32-9-162.eu-west-2.compute.internal |
| strict-transport-security: |
max-age=31536000 |
| cf-cache-status: |
DYNAMIC |
| server: |
cloudflare |
| cf-ray: |
8cd91999c98b1cce-AMS |
