haardhout.nl Review

TitletagDescriptiontaglanguage
Ovengedroogd haardhout kopen | In 24 uur geleverd | Haardhout.nl Dutch; Flemish
Alexarank
443259
Ip adress172.67.73.146Nameserverlia.ns.cloudflare.com
kirk.ns.cloudflare.com
Status code200
robots.txt
 N/A
HTTP/1.1 301 Moved Permanently
Date: Tue, 03 Dec 2024 20:28:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://haardhout.nl/
CF-Cache-Status: DYNAMIC
Server-Timing: cfCacheStatus;desc="DYNAMIC"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S875dJJ%2FJuEzSL5pcK52CYQ9Yfz2jZsq5el0G8Xxb%2BRAzmMGKiAsureWNwFdX44kjEHh%2F3AN%2FDv2FXVK%2Been1IObxuJs5y1cbLNeCkJV7gv3zYRPIcUnwMT1y0bJBg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8ec64d483e1bdeb6-NRT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=13994&min_rtt=13994&rtt_var=6997&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=329&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

HTTP/1.1 302 Found
Date: Tue, 03 Dec 2024 20:28:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=u3da0kmchjs4bhrojcpftq97nr; expires=Sat, 01-Feb-2025 20:28:26 GMT; Max-Age=5184000; path=/; domain=haardhout.nl; secure; HttpOnly; SameSite=Lax
location: https://www.haardhout.nl/
content-security-policy-report-only: font-src *.fontawesome.com maxcdn.bootstrapcdn.com *.gstatic.com *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.squeezely.tech *.bing.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com https://plumrocket.com *.aiden.cx *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.squeezely.tech *.bing.net 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https://pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ https://www.googletagmanager.com/ *.multisafepay.com https://pay.google.com https://plumrocket.com *.aiden.cx www.xtento.com *.trustpilot.com *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.squeezely.tech *.bing.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https://images.unsplash.com http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ https://www.google.com/ *.sooqr.com *.multisafepay.com www.magmodules.eu *.squeezely.tech *.aiden.cx www.xtento.com cdn.xtento.com *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.bing.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ http://www.googletagmanager.com/ https://www.googletagmanager.com/ https://cdn.polyfill.io https://browser.sentry-cdn.com *.avada.io *.sooqr.com *.multisafepay.com https://pay.google.com squeezely.tech www.squeezely.tech *.squeezely.tech *.aiden.cx www.xtento.com cdn.xtento.com *.trustpilot.com *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.bing.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.fontawesome.com *.sooqr.com maxcdn.bootstrapcdn.com *.multisafepay.com *.trustpilot.com *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.squeezely.tech *.bing.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.squeezely.tech *.bing.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com http://stats.g.doubleclick.net/ https://stats.g.doubleclick.net/ http://www.google-analytics.com/ https://www.google-analytics.com/ https://*.ingest.sentry.io https://get.geojs.io *.avada.io *.multisafepay.com squeezely.tech *.squeezely.tech *.aiden.cx *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.bing.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-magento-cache-debug: MISS
pragma: no-cache
expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
CF-Cache-Status: DYNAMIC
Server-Timing: cfCacheStatus;desc="DYNAMIC"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SEYOg4%2FxQI5o4Q3nBOd8Yxns%2BJhl1y4SN%2FYMnmv8yLxfj4NZt8gc4TE%2B0y00FXnialvP7LfnLO0bLJ3HngGZGMmSriCzIPDu17pipHo2Bikl220HUjjd%2F%2F8kFi7TUA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8ec64d4c790aafd3-NRT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5897&min_rtt=5859&rtt_var=2274&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2843&recv_bytes=979&delivery_rate=469443&cwnd=251&unsent_bytes=0&cid=e367ba14f6553d52&ts=12229&x=0"

HTTP/1.1 200 OK
Date: Tue, 03 Dec 2024 20:28:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-built-with: Hyva Themes
content-security-policy-report-only: font-src *.fontawesome.com maxcdn.bootstrapcdn.com *.gstatic.com *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.squeezely.tech *.bing.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com https://plumrocket.com *.aiden.cx *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.squeezely.tech *.bing.net 'self' 'unsafe-inline'; frame-ancestors *.multisafepay.com https://pay.google.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ https://www.googletagmanager.com/ *.multisafepay.com https://pay.google.com https://plumrocket.com *.aiden.cx www.xtento.com *.trustpilot.com *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.squeezely.tech *.bing.net 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io https://images.unsplash.com http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ https://www.google.com/ *.sooqr.com *.multisafepay.com www.magmodules.eu *.squeezely.tech *.aiden.cx www.xtento.com cdn.xtento.com *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.bing.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ http://www.googletagmanager.com/ https://www.googletagmanager.com/ https://cdn.polyfill.io https://browser.sentry-cdn.com *.avada.io *.sooqr.com *.multisafepay.com https://pay.google.com squeezely.tech www.squeezely.tech *.squeezely.tech *.aiden.cx www.xtento.com cdn.xtento.com *.trustpilot.com *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.bing.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.fontawesome.com *.sooqr.com maxcdn.bootstrapcdn.com *.multisafepay.com *.trustpilot.com *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.squeezely.tech *.bing.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com http://www.googleadservices.com/ http://www.google-analytics.com/ https://www.googleadservices.com/ https://www.google-analytics.com/ *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.squeezely.tech *.bing.net 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com http://stats.g.doubleclick.net/ https://stats.g.doubleclick.net/ http://www.google-analytics.com/ https://www.google-analytics.com/ https://*.ingest.sentry.io https://get.geojs.io *.avada.io *.multisafepay.com squeezely.tech *.squeezely.tech *.aiden.cx *.amazonaws.com unpkg.com *.bing.com *.doubleclick.net *.google.nl google.nl *.google.com google.com google.de *.google.de *.cloudflare.com *.trengo.eu fonts.bunny.net cdn.jsdelivr.net *.google.by www.gstatic.com *.clarity.ms *.facebook.net *.facebook.com d5yoctgpv4cpx.cloudfront.net rkkck31tec.execute-api.eu-central-1.amazonaws.com *.spotlersearch.com spotlersearchanalytics.com *.spotlersearchanalytics.com ipinfo.io *.newrelic.com *.nr-data.net *.beslist.nl www.openhaardhout-gigant.nl fonts.googleapis.com *.cloudflareinsights.com *.interacty.me *.bing.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-magento-cache-debug: HIT
grace: none
pragma: no-cache
expires: -1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
CF-Cache-Status: DYNAMIC
Server-Timing: cfCacheStatus;desc="DYNAMIC"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2FFgXh68NmEsZJLFedcuioYH%2FFionYHBh40GN68XnHDQeYLlMu6PJBUY%2BygE7kZOTxtkRn%2B3Mos%2B4jJdfpphARy8o3HrX55CyjWlP2bRUx%2B0JuwiMkYC%2BEH8BQw2FCGyoJ4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8ec64d994caf734d-NRT
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=10639&min_rtt=10213&rtt_var=4134&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2842&recv_bytes=984&delivery_rate=283560&cwnd=251&unsent_bytes=0&cid=cbcc4e00b014c7a8&ts=975&x=0"

iframe