| HTTP/1.1 301 Moved Permanently |
| Server: awselb/2.0 |
| Date: Sat, 16 Nov 2024 06:58:46 GMT |
| Content-Type: text/html |
| Content-Length: 134 |
| Connection: keep-alive |
| Location: https://mybundle.myroyalmail.com:443/ |
| HTTP/2 303 |
| date: Sat, 16 Nov 2024 06:58:46 GMT |
| content-type: text/html; charset=UTF-8 |
| location: https://mybundle.rewardgateway.co.uk/ |
| server: nginx |
| cache-control: max-age=0, private, must-revalidate |
| set-cookie: SessionID=cigstgtp79n59t6qdbg3jaf43n; path=/; secure; HttpOnly; SameSite=none |
| cache-control: max-age=0, must-revalidate, no-cache, no-store, no-transform, private |
| p3p: CP="NOI DSP COR NID DEVa TAIa OUR BUS UNI" |
| x-xss-protection: 1; mode=block |
| x-content-type-options: nosniff |
| strict-transport-security: max-age=2592000; includeSubDomains; preload |
| x-frame-options: DENY |
| pragma: no-cache |
| expires: 0 |
| HTTP/2 302 |
| date: Sat, 16 Nov 2024 06:58:47 GMT |
| content-type: text/html; charset=UTF-8 |
| server: nginx |
| cache-control: max-age=0, private, must-revalidate |
| set-cookie: SessionID=e8bvtttgu5h19d4lht0qrtgnmg; path=/; secure; HttpOnly; SameSite=none |
| cache-control: max-age=0, must-revalidate, no-cache, no-store, no-transform, private |
| location: /Authentication/Start |
| p3p: CP="NOI DSP COR NID DEVa TAIa OUR BUS UNI" |
| x-xss-protection: 1; mode=block |
| x-content-type-options: nosniff |
| strict-transport-security: max-age=31536000; includeSubDomains; preload |
| pragma: no-cache |
| expires: 0 |
| content-security-policy-report-only: report-uri https://d16f414973433f6dfc99afb4173347fd.report-uri.com/r/t/csp/reportOnly; default-src none https://static.cdn.rewardgateway.net/ https://ugc.cdn.rewardgateway.net/ assets.onfido.com; child-src 'self' blob: *.heapanalytics.com *.auryc.com; connect-src 'self' https://static.cdn.rewardgateway.net/ https://ugc.cdn.rewardgateway.net/ https://api.rewardgateway.net/ *.analytics.google.com *.aerlingus.com *.amazon.com *.avios.com *.britishairways.com *.iagl.digital *.transifex.net sockjs.pusher.com wss://*.zopim.com wss://ws-mt1.pusher.com *.amazonaws.com *.bugherd.com/ *.bugsnag.com *.checkout.com *.contentsquare.net media.currys.biz *.doubleclick.net embedwistia-a.akamaihd.net *.giphy.com *.google-analytics.com analytics.google.com *.googleapis.com *.global-cache.online www.google.co.uk *.gstatic.com www.googletagmanager.com heapanalytics.com *.heapanalytics.com *.auryc.com *.launchdarkly.com *.litix.io *.nr-data.net api.onfido.com wss://sync.onfido.com tag.aticdn.net ghknkfc.pa-cd.com *.cdn.rewardgateway.net *.rewardgateway.co.uk *.rewardgateway.net *.walkme.com *.wistia.com *.zopim.com *.zdassets.com rewardgateway.zendesk.com; img-src 'self' data: blob: https://static.cdn.rewardgateway.net/ https://ugc.cdn.rewardgateway.net/ *.cdninstagram.com *.classpass.com *.googleusercontent.com *.vimeocdn.com *.walkmeusercontent.com brain-images.cdn.dixons.com cdn.media.amplience.net entertainmentmedia.com.au hexagon-analytics.com i.imgur.com i.ytimg.com images-na.ssl-images-amazon.com images.ctfassets.net m.media-amazon.com media.licdn.com static.rewardgateway.dev ugc.cdn.rewardgateway.net www.linkedin.com www.twitter.com *.amazonaws.com *.bugherd.com/ *.checkout.com *.cloudfront.net *.contentsquare.net media.currys.biz *.dixons.com *.doubleclick.net embedwistia-a.akamaihd.net www.facebook.com *.giphy.com *.google.com www.google.com.au www.google.ie www.google.co.uk *.google-analytics.com *.googleapis.com www.googletagmanager.com *.gstatic.com heapanalytics.com *.heapanalytics.com cdn.jsdelivr.net *.moneyhelper.org.uk *.nr-data.net assets.onfido.com *.cdn.rewardgateway.net *.rewardgateway.co.uk *.rewardgateway.net *.walkme.com *.wistia.com; font-src 'self' data: https://static.cdn.rewardgateway.net/ https://ugc.cdn.rewardgateway.net/ themes.googleusercontent.com/static themes.googleusercontent.com/static/fonts/lato/v6/9k-RPmcnxYEPm8CNFsH2gg.woff *.amazonaws.com cdnjs.cloudflare.com *.cloudfront.net embedwistia-a.akamaihd.net use.fontawesome.com *.gstatic.com static.hsappstatic.net *.rewardgateway.net *.wistia.com *.wistia.net; object-src 'self'; script-src 'nonce-dc1ebebcba4f7698bcf27c0747ea0e68395d10d6' 'self' *.assets-yammer.com *.cdninstagram.com c64.assets-yammer.com cdn.siftscience.com code.jquery.com/*.js data: js-agent.newrelic.com strict-dynamic www.googleoptimize.com/optimize.js *.loginwithamazon.com *.bugherd.com/ *.chargebee.com *.checkout.com cdnjs.cloudflare.com *.contentsquare.net embedwistia-a.akamaihd.net connect.facebook.net *.google.com *.google-analytics.com *.googleapis.com www.googletagmanager.com *.gstatic.com heapanalytics.com *.heapanalytics.com *.auryc.com *.litix.io *.nr-data.net assets.onfido.com cdn.jsdelivr.net/npm/onfido-sdk-ui@13.8.4/dist/onfido.min.js tag.aticdn.net *.cdn.rewardgateway.net *.rewardgateway.co.uk *.rewardgateway.com *.rewardgateway.net static.testing.aws.rewardgateway.net *.walkme.com *.wistia.com *.wistia.net *.zopim.com *.zdassets.com rewardgateway.zendesk.com https://static.cdn.rewardgateway.net/ https://ugc.cdn.rewardgateway.net/ 'unsafe-eval' 'unsafe-inline'; worker-src 'self' blob: *.heapanalytics.com *.auryc.com; frame-src 'self' partner-tools.moneyadviceservice.org.uk player.vimeo.com players.brightcove.net/ www.youtube.com *.bugherd.com/ *.chargebee.com *.checkout.com *.doubleclick.net www.facebook.com m.facebook.com *.google.com www.googletagmanager.com chrome-extension://kgbmnemfaellbfabmkmmilchbhiigpdi/index.html *.rewardgateway.co.uk *.rewardgateway.com eu.surveymonkey.com *.wistia.com *.wistia.net *.zopim.com *.zdassets.com rewardgateway.zendesk.com; style-src 'self' *.chargebee.com *.checkout.com *.cloudfront.net cdnjs.cloudflare.com *.doubleclick.net use.fontawesome.com *.google-analytics.com *.googleapis.com *.gstatic.com heapanalytics.com *.heapanalytics.com cdn.jsdelivr.net *.litix.io assets.onfido.com *.cdn.rewardgateway.net *.walkme.com *.wistia.com https://static.cdn.rewardgateway.net/ https://ugc.cdn.rewardgateway.net/ 'unsafe-inline'; media-src 'self' blob: *.cloudfront.net ugc.cdn.rewardgateway.net *.amazonaws.com *.zopim.com *.zdassets.com rewardgateway.zendesk.com *.cdn.rewardgateway.net *.wistia.com; manifest-src 'self'; frame-ancestors https://mybundleplus.myroyalmail.com https://mybundleplus.rewardgateway.co.uk https://mypfsl.myroyalmail.com https://www.mypfsl.myroyalmail.com https://mybundle.myroyalmail.com https://mybundle.rewardgateway.co.uk https://mybundle.rewardgateway.com |
| set-cookie: VisitID=ba2128ce1648813083292e842b45650d; path=/; domain=mybundle.rewardgateway.co.uk; secure; httponly; samesite=none |
| HTTP/2 200 |
| date: Sat, 16 Nov 2024 06:58:47 GMT |
| content-type: text/html; charset=UTF-8 |
| server: nginx |
| cache-control: max-age=0, private, must-revalidate |
| set-cookie: SessionID=j8umpj10tqlbsvderdai7h1ghi; path=/; secure; HttpOnly; SameSite=none |
| cache-control: max-age=0, must-revalidate, no-cache, no-store, no-transform, private |
| p3p: CP="NOI DSP COR NID DEVa TAIa OUR BUS UNI" |
| x-xss-protection: 1; mode=block |
| x-content-type-options: nosniff |
| strict-transport-security: max-age=31536000; includeSubDomains; preload |
| x-frame-options: DENY |
| pragma: no-cache |
| expires: 0 |
| content-security-policy-report-only: report-uri https://d16f414973433f6dfc99afb4173347fd.report-uri.com/r/t/csp/reportOnly; default-src none https://static.cdn.rewardgateway.net/ https://ugc.cdn.rewardgateway.net/ assets.onfido.com; child-src 'self' blob: *.heapanalytics.com *.auryc.com; connect-src 'self' https://static.cdn.rewardgateway.net/ https://ugc.cdn.rewardgateway.net/ https://api.rewardgateway.net/ *.analytics.google.com *.aerlingus.com *.amazon.com *.avios.com *.britishairways.com *.iagl.digital *.transifex.net sockjs.pusher.com wss://*.zopim.com wss://ws-mt1.pusher.com *.amazonaws.com *.bugherd.com/ *.bugsnag.com *.checkout.com *.contentsquare.net media.currys.biz *.doubleclick.net embedwistia-a.akamaihd.net *.giphy.com *.google-analytics.com analytics.google.com *.googleapis.com *.global-cache.online www.google.co.uk *.gstatic.com www.googletagmanager.com heapanalytics.com *.heapanalytics.com *.auryc.com *.launchdarkly.com *.litix.io *.nr-data.net api.onfido.com wss://sync.onfido.com tag.aticdn.net ghknkfc.pa-cd.com *.cdn.rewardgateway.net *.rewardgateway.co.uk *.rewardgateway.net *.walkme.com *.wistia.com *.zopim.com *.zdassets.com rewardgateway.zendesk.com; img-src 'self' data: blob: https://static.cdn.rewardgateway.net/ https://ugc.cdn.rewardgateway.net/ *.cdninstagram.com *.classpass.com *.googleusercontent.com *.vimeocdn.com *.walkmeusercontent.com brain-images.cdn.dixons.com cdn.media.amplience.net entertainmentmedia.com.au hexagon-analytics.com i.imgur.com i.ytimg.com images-na.ssl-images-amazon.com images.ctfassets.net m.media-amazon.com media.licdn.com static.rewardgateway.dev ugc.cdn.rewardgateway.net www.linkedin.com www.twitter.com *.amazonaws.com *.bugherd.com/ *.checkout.com *.cloudfront.net *.contentsquare.net media.currys.biz *.dixons.com *.doubleclick.net embedwistia-a.akamaihd.net www.facebook.com *.giphy.com *.google.com www.google.com.au www.google.ie www.google.co.uk *.google-analytics.com *.googleapis.com www.googletagmanager.com *.gstatic.com heapanalytics.com *.heapanalytics.com cdn.jsdelivr.net *.moneyhelper.org.uk *.nr-data.net assets.onfido.com *.cdn.rewardgateway.net *.rewardgateway.co.uk *.rewardgateway.net *.walkme.com *.wistia.com; font-src 'self' data: https://static.cdn.rewardgateway.net/ https://ugc.cdn.rewardgateway.net/ themes.googleusercontent.com/static themes.googleusercontent.com/static/fonts/lato/v6/9k-RPmcnxYEPm8CNFsH2gg.woff *.amazonaws.com cdnjs.cloudflare.com *.cloudfront.net embedwistia-a.akamaihd.net use.fontawesome.com *.gstatic.com static.hsappstatic.net *.rewardgateway.net *.wistia.com *.wistia.net; object-src 'self'; script-src 'nonce-9f404e0c759e0bfe09223bafea176a35c3bfe759' 'self' *.assets-yammer.com *.cdninstagram.com c64.assets-yammer.com cdn.siftscience.com code.jquery.com/*.js data: js-agent.newrelic.com strict-dynamic www.googleoptimize.com/optimize.js *.loginwithamazon.com *.bugherd.com/ *.chargebee.com *.checkout.com cdnjs.cloudflare.com *.contentsquare.net embedwistia-a.akamaihd.net connect.facebook.net *.google.com *.google-analytics.com *.googleapis.com www.googletagmanager.com *.gstatic.com heapanalytics.com *.heapanalytics.com *.auryc.com *.litix.io *.nr-data.net assets.onfido.com cdn.jsdelivr.net/npm/onfido-sdk-ui@13.8.4/dist/onfido.min.js tag.aticdn.net *.cdn.rewardgateway.net *.rewardgateway.co.uk *.rewardgateway.com *.rewardgateway.net static.testing.aws.rewardgateway.net *.walkme.com *.wistia.com *.wistia.net *.zopim.com *.zdassets.com rewardgateway.zendesk.com https://static.cdn.rewardgateway.net/ https://ugc.cdn.rewardgateway.net/ 'unsafe-eval' 'unsafe-inline'; worker-src 'self' blob: *.heapanalytics.com *.auryc.com; frame-src 'self' partner-tools.moneyadviceservice.org.uk player.vimeo.com players.brightcove.net/ www.youtube.com *.bugherd.com/ *.chargebee.com *.checkout.com *.doubleclick.net www.facebook.com m.facebook.com *.google.com www.googletagmanager.com chrome-extension://kgbmnemfaellbfabmkmmilchbhiigpdi/index.html *.rewardgateway.co.uk *.rewardgateway.com eu.surveymonkey.com *.wistia.com *.wistia.net *.zopim.com *.zdassets.com rewardgateway.zendesk.com; style-src 'self' *.chargebee.com *.checkout.com *.cloudfront.net cdnjs.cloudflare.com *.doubleclick.net use.fontawesome.com *.google-analytics.com *.googleapis.com *.gstatic.com heapanalytics.com *.heapanalytics.com cdn.jsdelivr.net *.litix.io assets.onfido.com *.cdn.rewardgateway.net *.walkme.com *.wistia.com https://static.cdn.rewardgateway.net/ https://ugc.cdn.rewardgateway.net/ 'unsafe-inline'; media-src 'self' blob: *.cloudfront.net ugc.cdn.rewardgateway.net *.amazonaws.com *.zopim.com *.zdassets.com rewardgateway.zendesk.com *.cdn.rewardgateway.net *.wistia.com; manifest-src 'self'; frame-ancestors https://mybundleplus.myroyalmail.com https://mybundleplus.rewardgateway.co.uk https://mypfsl.myroyalmail.com https://www.mypfsl.myroyalmail.com https://mybundle.myroyalmail.com https://mybundle.rewardgateway.co.uk https://mybundle.rewardgateway.com |
| set-cookie: VisitID=2cc3b5b52b1228a0b7e871644fa08d44; path=/; domain=mybundle.rewardgateway.co.uk; secure; httponly; samesite=none |
| content-encoding: gzip |
