hamleys.com Review

Titletag	Descriptiontag	language
The World’s Finest Toys & Games \| Hamleys		English

Alexarank
296144

Ip adress

4.234.45.40

Nameserver

ns1.netnames.net
ns2.netnames.net
ns5.netnames.net
ns6.netnames.net

Status code

200

robots.txt

N/A

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 01 Nov 2025 05:19:56 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.hamleys.com/

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 826639
traceresponse: 00-1873c95025a6b8eb61f268baac8649c4-f0626dfc71d66c89-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
expires: Sun, 02 Nov 2025 05:00:31 GMT
link: ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=style, ; rel=preload; as=style, ; rel=preload; as=style
x-platform-server: i-081defed22dfc5bb6
x-platform-server: i-081defed22dfc5bb6
x-debug-info: eyJyZXRyaWVzIjowfQ==
pragma: cache
content-security-policy-report-only: font-src fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com cash-f.squarecdn.com https://*.gstatic.com *.googleapis.com *.hamleys.com *.cloudflare.com *.twitter.com *.yotpo.com re.avekshaa-eam.com *.dynamicyield.com plausible.io *.conversity.com *.usercentrics.eu api.usercentrics.eu *.particularaudience.com *.salesfire.co.uk *.clarity.ms *.smartmetrics.co.uk *.facebook.com *.dynamicyield.eu data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.adyen.com *.hamleys.com *.twitter.com re.avekshaa-eam.com *.dynamicyield.com plausible.io *.conversity.com *.particularaudience.com *.salesfire.co.uk *.clarity.ms *.smartmetrics.co.uk *.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com * *.adyen.com www.google.com *.hamleys.com *.twitter.com re.avekshaa-eam.com *.dynamicyield.com plausible.io *.conversity.com *.usercentrics.eu api.usercentrics.eu *.particularaudience.com *.salesfire.co.uk *.clarity.ms *.smartmetrics.co.uk *.facebook.com *.dynamicyield.eu www.xtento.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com p.typekit.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net data: * https://*.gstatic.com *.adyen.com *.googleapis.com *.hamleys.com *.cloudflare.com *.googleadservices.com *.google-analytics.com *.yotpo.com yotpo-stool.s3.amazonaws.com *.doubleclick.net *.google.com maps.gstatic.com *.postcodeanywhere.co.uk *.flixfacts.com *.flixcar.com *.flix360.com *.flixgvid.flix360.io re.avekshaa-eam.com *.dynamicyield.com plausible.io *.conversity.com *.usercentrics.eu api.usercentrics.eu www.google.co.in *.particularaudience.com *.salesfire.co.uk *.smartmetrics.co.uk *.facebook.com *.clarity.ms *.bing.com *.google.co.in *.roeye.com *.awin1.com *.dynamicyield.eu www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net amcglobal.sc.omtrdc.net *.adobe.io use.typekit.net *.commerce-payment-services.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com unpkg.com/@adobe/ cdn.jsdelivr.net/npm/@adobe/ commerce.adobedtm.com js.magento-datasolutions.com magento-recs-sdk.adobe.net s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.magento-ds.com *.typekit.net google.com *.google.com *.cdn-apple.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com cdn.ampproject.org raw.githubusercontent.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ *.googleapis.com *.gstatic.com widget.freshworks.com m2epro.freshdesk.com *.cloudflare.com *.hamleys.com *.twitter.com *.google-analytics.com *.twimg.com *.yotpo.com js-agent.newrelic.com *.googletagmanager.com *.doubleclick.net maps.googleapis.com *.hotjar.com *.postcodeanywhere.co.uk *.pcapredict.com *.flixfacts.com *.flixcar.com *.flix360.com *.flixgvid.flix360.io re.avekshaa-eam.com *.dynamicyield.com *.conversity.com plausible.io *.usercentrics.eu api.usercentrics.eu analytics.tiktok.com analytics.webgains.io lantern.roeyecdn.com *.dwin1.com *.bing.com *.facebook.net *.salesfire.co.uk *.webgains.io *.particularaudience.com *.clarity.ms *.smartmetrics.co.uk *.facebook.com *.dynamicyield.eu www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com *.cash.app https://fonts.googleapis.com/ widget.freshworks.com m2epro.freshdesk.com *.hamleys.com 'self' data: *.cloudflare.com *.googleapis.com *.twitter.com *.gstatic.com *.typekit.net getfirebug.com *.google.com *.yotpo.com *.postcodeanywhere.co.uk *.flixgvid.flix360.io *.flixcar.com *.flix360.com re.avekshaa-eam.com *.dynamicyield.com plausible.io *.conversity.com *.usercentrics.eu api.usercentrics.eu *.particularaudience.com *.salesfire.co.uk *.clarity.ms *.smartmetrics.co.uk *.facebook.com *.dynamicyield.eu 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.snplow.net commerce.adobedc.net commerce.adobe.io *.sentry.io *.paypal.com google.com *.google.com * *.adyen.com *.algolia.net *.algolia.com *.algolianet.com *.insights.algolia.io insights.algolia.io cdn.ampproject.org *.googleapis.com widget.freshworks.com m2epro.freshdesk.com *.hamleys.com *.cloudflare.com *.twitter.com *.yotpo.com stats.g.doubleclick.net *.postcodeanywhere.co.uk re.avekshaa-eam.com *.dynamicyield.com plausible.io *.conversity.com *.usercentrics.eu api.usercentrics.eu analytics.tiktok.com *.particularaudience.com *.facebook.com *.smartmetrics.co.uk *.clarity.ms *.salesfire.co.uk *.dynamicyield.eu 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-frame-options: SAMEORIGIN
x-timer: S1761973225.295677,VS0,VE7013
Accept-Ranges: bytes
Date: Sat, 01 Nov 2025 05:19:56 GMT
Age: 1164
X-Served-By: cache-lhr-egll1980089-LHR, cache-lhr-egll1980089-LHR, cache-lcy-eglc8600089-LCY
X-Cache: MISS, MISS, HIT
X-Cache-Hits: 0, 0, 1
strict-transport-security: max-age=31536000
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Vary: Accept-Encoding,Cookie
X-FRAME-OPTIONS: SAMEORIGIN

iframe