cando.eu Review
cando.eu Review
| Titletag | Descriptiontag | language |
|---|
| CanDo - Maak het jouw huis | You CanDo It | |
Dutch; Flemish |
| Ip adress | 162.55.239.111 | Nameserver | ns1.kpn.net
ns11.kpn.net |
Status code | 200 |
robots.txt
N/A
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 27 Aug 2025 03:29:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=9d19949ed6058cd828c3956e6ef699ea; expires=Wed, 27-Aug-2025 04:29:08 GMT; Max-Age=3600; path=/; domain=cando.eu; HttpOnly; SameSite=Lax
Location: https://www.cando.eu/
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Tue, 27 Aug 2024 03:29:08 GMT
Content-Security-Policy-Report-Only: font-src *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.fontawesome.com https://fonts.bunny.net *.lndo.site *.weprovide.shop https://script.hotjar.com https://unpkg.com https://use.typekit.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ *.google.com *.doubleclick.net *.facebook.com https://www.paypal.com https://hostedfields-externalapi.alpha.buckaroo.aws https://hostedfields-externalapi.prod-pci.buckaroo.io landofcoder.com maps.googleapis.com chart.googleapis.com https://www.googletagmanager.com/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.trustpilot.com *.lndo.site *.weprovide.shop https://dtm.cando.eu https://vars.hotjar.com https://ct.pinterest.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https://d1pna5l3xsntoj.cloudfront.net https://helloretailcdn.com 'self' data: https://www.google.nl *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com https://portal.payconiq.com https://static.buckaroo.nl https://www.paypalobjects.com cdn.flbx.io *.cloudfront.net 'self' blob: data http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ https://www.google.com/ magefan.com cm.magefan.com https://firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.lndo.site *.weprovide.shop https://maps.google.com https://maps.googleapis.com https://mailing.deli-home.nl *.clarity.ms *.omappapi.com https://ct.pinterest.com https://skantrae.com https://cdn.cookielaw.org data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://core.helloretail.com https://d1pna5l3xsntoj.cloudfront.net https://helloretailcdn.com *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com https://static.buckaroo.nl https://checkout.buckaroo.nl https://testcheckout.buckaroo.nl https://buckaroo.nl https://www.paypal.com https://hostedfields-externalapi.alpha.buckaroo.aws https://hostedfields-externalapi.prod-pci.buckaroo.io *.getflowbox.com landofcoder.com maps.googleapis.com chart.googleapis.com http://www.googletagmanager.com/ https://www.googletagmanager.com/ *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.trustpilot.com *.lndo.site *.weprovide.shop https://cdnjs.cloudflare.com https://code.jquery.com https://optanon.blob.core.windows.net https://geolocation.onetrust.com *.omappapi.com https://bam.nr-data.net https://cdn.cookielaw.org https://cdn.jsdelivr.net https://js-agent.newrelic.com https://s.pinimg.com https://script.hotjar.com https://static.hotjar.com *.clarity.ms cdn.leadinfo.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https://d1pna5l3xsntoj.cloudfront.net https://helloretailcdn.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com https://checkout.buckaroo.nl https://testcheckout.buckaroo.nl *.fontawesome.com https://fonts.bunny.net unsafe-inline assets.braintreegateway.com *.trustpilot.com *.lndo.site *.weprovide.shop https://optanon.blob.core.windows.net https://a.omappapi.com https://cdn.cookielaw.org https://p.typekit.net https://skantrae.com 'self' 'unsafe-inline'; object-src landofcoder.com maps.googleapis.com chart.googleapis.com 'self' 'unsafe-inline'; media-src *.adobe.com http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https://core.helloretail.com https://helloretailcdn.com *.google-analytics.com *.facebook.com *.facebook.net *.google.com wss://websocketservice-externalapi.prod.buckaroo.io https://static.buckaroo.nl wss://websockets.buckaroo.io/ https://checkout.buckaroo.nl https://testcheckout.buckaroo.nl https://hostedfields-externalapi.alpha.buckaroo.aws https://hostedfields-externalapi.prod-pci.buckaroo.io https://applepay.buckaroo.io https://www.paypal.com *.getflowbox.com *.googleapis.com landofcoder.com maps.googleapis.com chart.googleapis.com http://stats.g.doubleclick.net/ https://stats.g.doubleclick.net/ http://www.google-analytics.com/ https://www.google-analytics.com/ https://get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com google.com *.lndo.site *.weprovide.shop https://data.cando.eu https://bam.nr-data.net *.clarity.ms *.omappapi.com https://ct.pinterest.com https://sp.spheremall.com *.hotjar.com *.hotjar.io wss://ws.hotjar.com https://ws21.hotjar.com wss://ws21.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com gethatch.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Environment: Hipex/3 main
X-XSS-Protection: 1; mode=block;
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: upgrade-insecure-requests
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 27 Aug 2025 03:29:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=f38467fcb00f106ae3eeb1c56014eae4; expires=Wed, 27-Aug-2025 04:29:09 GMT; Max-Age=3600; path=/; domain=www.cando.eu; secure; HttpOnly; SameSite=Lax
Set-Cookie: last_store=3; expires=Thu, 28-Aug-2025 03:29:09 GMT; Max-Age=86400; path=/; domain=www.cando.eu; secure; SameSite=Lax
Location: https://www.cando.eu/nl-nl/
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Tue, 27 Aug 2024 03:29:09 GMT
Content-Security-Policy-Report-Only: font-src *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.fontawesome.com https://fonts.bunny.net *.lndo.site *.weprovide.shop https://script.hotjar.com https://unpkg.com https://use.typekit.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ *.google.com *.doubleclick.net *.facebook.com https://www.paypal.com https://hostedfields-externalapi.alpha.buckaroo.aws https://hostedfields-externalapi.prod-pci.buckaroo.io landofcoder.com maps.googleapis.com chart.googleapis.com https://www.googletagmanager.com/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.trustpilot.com *.lndo.site *.weprovide.shop https://dtm.cando.eu https://vars.hotjar.com https://ct.pinterest.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https://d1pna5l3xsntoj.cloudfront.net https://helloretailcdn.com 'self' data: https://www.google.nl *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com https://portal.payconiq.com https://static.buckaroo.nl https://www.paypalobjects.com cdn.flbx.io *.cloudfront.net 'self' blob: data http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ https://www.google.com/ magefan.com cm.magefan.com https://firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.lndo.site *.weprovide.shop https://maps.google.com https://maps.googleapis.com https://mailing.deli-home.nl *.clarity.ms *.omappapi.com https://ct.pinterest.com https://skantrae.com https://cdn.cookielaw.org data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://core.helloretail.com https://d1pna5l3xsntoj.cloudfront.net https://helloretailcdn.com *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com https://static.buckaroo.nl https://checkout.buckaroo.nl https://testcheckout.buckaroo.nl https://buckaroo.nl https://www.paypal.com https://hostedfields-externalapi.alpha.buckaroo.aws https://hostedfields-externalapi.prod-pci.buckaroo.io *.getflowbox.com landofcoder.com maps.googleapis.com chart.googleapis.com http://www.googletagmanager.com/ https://www.googletagmanager.com/ *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.trustpilot.com *.lndo.site *.weprovide.shop https://cdnjs.cloudflare.com https://code.jquery.com https://optanon.blob.core.windows.net https://geolocation.onetrust.com *.omappapi.com https://bam.nr-data.net https://cdn.cookielaw.org https://cdn.jsdelivr.net https://js-agent.newrelic.com https://s.pinimg.com https://script.hotjar.com https://static.hotjar.com *.clarity.ms cdn.leadinfo.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https://d1pna5l3xsntoj.cloudfront.net https://helloretailcdn.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com https://checkout.buckaroo.nl https://testcheckout.buckaroo.nl *.fontawesome.com https://fonts.bunny.net unsafe-inline assets.braintreegateway.com *.trustpilot.com *.lndo.site *.weprovide.shop https://optanon.blob.core.windows.net https://a.omappapi.com https://cdn.cookielaw.org https://p.typekit.net https://skantrae.com 'self' 'unsafe-inline'; object-src landofcoder.com maps.googleapis.com chart.googleapis.com 'self' 'unsafe-inline'; media-src *.adobe.com http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https://core.helloretail.com https://helloretailcdn.com *.google-analytics.com *.facebook.com *.facebook.net *.google.com wss://websocketservice-externalapi.prod.buckaroo.io https://static.buckaroo.nl wss://websockets.buckaroo.io/ https://checkout.buckaroo.nl https://testcheckout.buckaroo.nl https://hostedfields-externalapi.alpha.buckaroo.aws https://hostedfields-externalapi.prod-pci.buckaroo.io https://applepay.buckaroo.io https://www.paypal.com *.getflowbox.com *.googleapis.com landofcoder.com maps.googleapis.com chart.googleapis.com http://stats.g.doubleclick.net/ https://stats.g.doubleclick.net/ http://www.google-analytics.com/ https://www.google-analytics.com/ https://get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com google.com *.lndo.site *.weprovide.shop https://data.cando.eu https://bam.nr-data.net *.clarity.ms *.omappapi.com https://ct.pinterest.com https://sp.spheremall.com *.hotjar.com *.hotjar.io wss://ws.hotjar.com https://ws21.hotjar.com wss://ws21.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com gethatch.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Environment: Hipex/3 main
X-XSS-Protection: 1; mode=block;
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: upgrade-insecure-requests
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 27 Aug 2025 03:29:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=090ad0b1583f271e4156bbb3202d2b1a; expires=Wed, 27-Aug-2025 04:29:09 GMT; Max-Age=3600; path=/; domain=www.cando.eu; secure; HttpOnly; SameSite=Lax
Pragma: no-cache
Cache-Control: max-age=0, must-revalidate, no-cache, no-store
Expires: Mon, 26 Aug 2024 14:43:28 GMT
Content-Security-Policy-Report-Only: font-src *.gstatic.com 'self' data: *.doubleclick.net *.facebook.com *.fontawesome.com https://fonts.bunny.net *.lndo.site *.weprovide.shop https://script.hotjar.com https://unpkg.com https://use.typekit.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.facebook.com *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ *.google.com *.doubleclick.net *.facebook.com https://www.paypal.com https://hostedfields-externalapi.alpha.buckaroo.aws https://hostedfields-externalapi.prod-pci.buckaroo.io landofcoder.com maps.googleapis.com chart.googleapis.com https://www.googletagmanager.com/ c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.paypal.com * *.trustpilot.com *.lndo.site *.weprovide.shop https://dtm.cando.eu https://vars.hotjar.com https://ct.pinterest.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https://d1pna5l3xsntoj.cloudfront.net https://helloretailcdn.com 'self' data: https://www.google.nl *.google.bg *.facebook.com *.facebook.net *.doubleclick.net *.googletagmanager.com *.gstatic.com https://portal.payconiq.com https://static.buckaroo.nl https://www.paypalobjects.com cdn.flbx.io *.cloudfront.net 'self' blob: data http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ https://www.google.com/ magefan.com cm.magefan.com https://firebasestorage.googleapis.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.paypal.com *.lndo.site *.weprovide.shop https://maps.google.com https://maps.googleapis.com https://mailing.deli-home.nl *.clarity.ms *.omappapi.com https://ct.pinterest.com https://skantrae.com https://cdn.cookielaw.org data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://core.helloretail.com https://d1pna5l3xsntoj.cloudfront.net https://helloretailcdn.com *.google.com *.google.bg *.googletagmanager.com *.facebook.com *.facebook.net *.doubleclick.net *.google-analytics.com *.gstatic.com https://static.buckaroo.nl https://checkout.buckaroo.nl https://testcheckout.buckaroo.nl https://buckaroo.nl https://www.paypal.com https://hostedfields-externalapi.alpha.buckaroo.aws https://hostedfields-externalapi.prod-pci.buckaroo.io *.getflowbox.com landofcoder.com maps.googleapis.com chart.googleapis.com http://www.googletagmanager.com/ https://www.googletagmanager.com/ *.avada.io js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.paypal.com songbirdstag.cardinalcommerce.com *.trustpilot.com *.lndo.site *.weprovide.shop https://cdnjs.cloudflare.com https://code.jquery.com https://optanon.blob.core.windows.net https://geolocation.onetrust.com *.omappapi.com https://bam.nr-data.net https://cdn.cookielaw.org https://cdn.jsdelivr.net https://js-agent.newrelic.com https://s.pinimg.com https://script.hotjar.com https://static.hotjar.com *.clarity.ms cdn.leadinfo.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com https://d1pna5l3xsntoj.cloudfront.net https://helloretailcdn.com *.googleapis.com *.doubleclick.net *.facebook.com *.gstatic.com *.googletagmanager.com https://checkout.buckaroo.nl https://testcheckout.buckaroo.nl *.fontawesome.com https://fonts.bunny.net unsafe-inline assets.braintreegateway.com *.trustpilot.com *.lndo.site *.weprovide.shop https://optanon.blob.core.windows.net https://a.omappapi.com https://cdn.cookielaw.org https://p.typekit.net https://skantrae.com 'self' 'unsafe-inline'; object-src landofcoder.com maps.googleapis.com chart.googleapis.com 'self' 'unsafe-inline'; media-src *.adobe.com http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com https://core.helloretail.com https://helloretailcdn.com *.google-analytics.com *.facebook.com *.facebook.net *.google.com wss://websocketservice-externalapi.prod.buckaroo.io https://static.buckaroo.nl wss://websockets.buckaroo.io/ https://checkout.buckaroo.nl https://testcheckout.buckaroo.nl https://hostedfields-externalapi.alpha.buckaroo.aws https://hostedfields-externalapi.prod-pci.buckaroo.io https://applepay.buckaroo.io https://www.paypal.com *.getflowbox.com *.googleapis.com landofcoder.com maps.googleapis.com chart.googleapis.com http://stats.g.doubleclick.net/ https://stats.g.doubleclick.net/ http://www.google-analytics.com/ https://www.google-analytics.com/ https://get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com *.paypal.com *.cardinalcommerce.com google.com *.lndo.site *.weprovide.shop https://data.cando.eu https://bam.nr-data.net *.clarity.ms *.omappapi.com https://ct.pinterest.com https://sp.spheremall.com *.hotjar.com *.hotjar.io wss://ws.hotjar.com https://ws21.hotjar.com wss://ws21.hotjar.com https://cdn.cookielaw.org https://geolocation.onetrust.com gethatch.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com *.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Environment: Hipex/3 main
X-XSS-Protection: 1; mode=block;
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: upgrade-insecure-requests
Content-Encoding: br