HTTP/1.1 301 Moved Permanently Date: Sun, 02 Jan 2022 03:12:12 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=0, must-revalidate, no-cache, no-store Content-Security-Policy-Report-Only: font-src maxcdn.bootstrapcdn.com *.yotpo.com *.googleapis.com *.gstatic.com *.afterpay.com *.ordergroove.com cdn.jsdelivr.net 'self' 'unsafe-inline'; form-action secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.yotpo.com www.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com *.tataharperskincare.com; frame-src secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com player.vimeo.com www.google.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de http://app.bronto.com cdn.dnky.co webchat.dotdigital.com *.yotpo.com *.doubleclick.net tags.rd.linksynergy.com www.facebook.com *.kaptcha.com *.braintreegateway.com wsv3cdn.audioeye.com *.livechatinc.com tataharper.attn.tv www.youtube.com *.addthis.com *.youtube.com/embed cdn.attn.tv *.cdn.attn.tb pinterest.com paypal.com *.youtube.com *.pinimg.com www.pinterest.com *.commerce.com ct.pinterest.com s.pinimg.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com https://static.afterpay.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net d23yuld0pofhhw.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.yotpo.com thsimages.s3.amazonaws.com idsync.rlcdn.com bat.bing.com www.facebook.com www.google.com www.google.pl data: *.afterpay.com *.pinterest.com *.linksynergy.com *.ordergroove.com *.fls.doubleclick.net *.google.com.ua *.usehero.com *.googleapis.com maps.gstatic.com lh3.ggpht.com *.rackcdn.com shareasale.com *.xg4ken.com *.bronto.com hero-prod-assets.s3-eu-west-1.amazonaws.com *.prd.borderfree.com googletagmanager.com insight.adsrvr.org ad.doubleclick.net adservice.google.com googleads.g.doubleclick.net *.addthis.com vimeocdn.com *.cdn.usehero.com *.youtube.com youtube.com https://www.youtube.com s.pinimg.com ct.pinterest.com 'self' 'unsafe-inline'; script-src assets.adobedtm.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com js.authorize.net jstest.authorize.net www.googleadservices.com www.google-analytics.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com js.braintreegateway.com s.ytimg.com video.google.com vimeo.com www.vimeo.com *.vimeocdn.com cdn-scripts.signifyd.com www.youtube.com https://portal.sandbox.afterpay.com https://portal.afterpay.com https://static.afterpay.com https://js.sandbox.afterpay.com https://js.afterpay.com r1-t.trackedlink.net r2-t.trackedlink.net r3-t.trackedlink.net r1.trackedweb.net r2.trackedweb.net r3.trackedweb.net static.trackedweb.net www.google.com/recaptcha/ www.gstatic.com/recaptcha/ *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.bronto.com cdn.dnky.co api.comapi.com webchat.dotdigital.com *.yotpo.com static.hotjar.com wsmcdn.audioeye.com tag.rmp.rakuten.com tags.rd.linksynergy.com *.linksynergy.com resources.xg4ken.com *.audioeye.com www.googletagmanager.com b-code.liadm.com bat.bing.com connect.facebook.net dx.steelhousemedia.com googleads.g.doubleclick.net cdn.sweettooth.io px.steelhousemedia.com js.smile.io script.hotjar.com assets.pinterest.com *.ordergroove.com api.instagram.com *.sbx.borderfree.com *.google.com *.usehero.com *.googleapis.com services.xg4ken.com *.newrelic.com *.nr-data.net *.prd.borderfree.com cdnjs.cloudflare.com *.livechatinc.com s.pinimg.com cdn.attn.tv cdn.jsdelivr.net *.addthis.com z.moatads.com *.addthisedge.com *.vimeo.com youtube.com *.youtube.com *.attn.tv ct.pinterest.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com static.afterpay.com/ js.sandbox.afterpay.com js.afterpay.com cdn.dnky.co webchat.dotdigital.com maxcdn.bootstrapcdn.com *.yotpo.com *.googleapis.com *.sbx.borderfree.com wsv3cdn.audioeye.com *.prd.borderfree.com thsimages.s3.amazonaws.com cdn.materialdesignicons.com cdn.jsdelivr.net 'self' 'unsafe-inline'; object-src *.youtube.com www.youtube.com *.vimeocdn.com *.vimeo.com 'self' 'unsafe-inline'; media-src thsimages.s3.amazonaws.com *.usehero.com *.youtube.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com static.afterpay.com js.sandbox.afterpay.com js.afterpay.com r1-t.trackedlink.net r2-t.trackedlink.net r3-t.trackedlink.net r1.trackedweb.net r2.trackedweb.net r3.trackedweb.net static.trackedweb.net *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de api.comapi.com webchat.dotdigital.com *.yotpo.com rp.liadm.com www.paypal.com *.google-analytics.com *.smile.io *.ordergroove.com *.braintree-api.com *.sbx.borderfree.com *.usehero.com *.hotjar.io *.doubleclick.net analytics.audioeye.com zalywzdew6.execute-api.us-west-2.amazonaws.com *.nr-data.net *.pinterest.com *.brontops.com wss://tsock.us1.twilio.com *.livechatinc.com bat.bing.com events.attentivemobile.com *.addthis.com *.youtube.com *.cdn.usehero.com *.googletagmanager.com ct.pinterest.com s.pinimg.com 'self' 'unsafe-inline'; child-src 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests ; Expires: Sat, 02 Jan 2021 03:12:11 GMT Location: https://www.tataharperskincare.com/reward-points Pragma: no-cache Set-Cookie: PHPSESSID=4440aa5b90f188396c2ead0c4c2839c2; expires=Sun, 02-Jan-2022 07:12:11 GMT; Max-Age=14400; path=/; domain=.tataharperskincare.com; secure; HttpOnly; SameSite=Lax X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Varnish-Cache-Result: MISS X-Varnish-Cache: MISS CF-Cache-Status: DYNAMIC Expect-CT: max-age=604800, report-uri="https://re