hamleys.com Review
hamleys.com Review
| Titletag | Descriptiontag | language |
|---|
| The World’s Finest Toys & Games | Hamleys | |
English |
| Ip adress | 4.234.45.40 | Nameserver | ns07.gcd-dns.com
ns08.gcd-dns.com |
Status code | 200 |
robots.txt
N/A
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 30 Apr 2026 09:51:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.hamleys.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 600159
x-timer: S1777507279.811944,VS0,VE3407
traceresponse: 00-18aaf973d34aaae1bcd22fd83e142906-cda5b7b2a565dbc8-01
x-frame-options: SAMEORIGIN
link: ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=image, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=script, ; rel=preload; as=style, ; rel=preload; as=style, ; rel=preload; as=style
pragma: cache
content-security-policy-report-only: font-src fonts.gstatic.com use.typekit.net www.paypalobjects.com *.typekit.net *.gstatic.com cash-f.squarecdn.com https://*.gstatic.com *.googleapis.com *.hamleys.com *.cloudflare.com *.twitter.com *.yotpo.com re.avekshaa-eam.com *.dynamicyield.com plausible.io *.conversity.com *.usercentrics.eu api.usercentrics.eu *.particularaudience.com *.salesfire.co.uk *.clarity.ms *.smartmetrics.co.uk *.facebook.com *.dynamicyield.eu *.commerce.adobedc.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com * *.adyen.com *.hamleys.com *.twitter.com re.avekshaa-eam.com *.dynamicyield.com plausible.io *.conversity.com *.particularaudience.com *.salesfire.co.uk *.clarity.ms *.smartmetrics.co.uk *.facebook.com *.commerce.adobedc.net 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net *.demdex.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com https://www.google.com/recaptcha/ *.braintreegateway.com *.paypal.com google.com *.google.com www.googletagmanager.com * *.adyen.com www.google.com *.hamleys.com *.twitter.com re.avekshaa-eam.com *.dynamicyield.com plausible.io *.conversity.com *.usercentrics.eu api.usercentrics.eu *.particularaudience.com *.salesfire.co.uk *.clarity.ms *.smartmetrics.co.uk *.facebook.com *.dynamicyield.eu *.commerce.adobedc.net www.xtento.com 'self' 'unsafe-inline'; img-src 'self' data: assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net *.everesttech.net *.adobe.com widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com p.typekit.net *.telemetry-dev.adobe.io *.demdex.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com *.paypal.com *.typekit.net *.gstatic.com validator.swagger.io *.ftcdn.net *.behance.net data: * https://*.gstatic.com *.adyen.com *.googleapis.com *.hamleys.com *.cloudflare.com *.googleadservices.com *.yotpo.com yotpo-stool.s3.amazonaws.com *.doubleclick.net *.google.com maps.gstatic.com *.postcodeanywhere.co.uk *.flixfacts.com *.flixcar.com *.flix360.com *.flixgvid.flix360.io re.avekshaa-eam.com *.dynamicyield.com plausible.io *.conversity.com *.usercentrics.eu api.usercentrics.eu www.google.co.in *.particularaudience.com *.salesfire.co.uk *.smartmetrics.co.uk *.facebook.com *.clarity.ms *.bing.com *.google.co.in *.roeye.com *.awin1.com *.dynamicyield.eu *.commerce.adobedc.net www.xtento.com cdn.xtento.com data: 'self' 'unsafe-inline'; script-src *.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com use.typekit.net *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com unpkg.com/@adobe/ cdn.jsdelivr.net/npm/@adobe/ commerce.adobedtm.com js.magento-datasolutions.com *.newrelic.com *.nr-data.net assets.adobedtm.com *.adobe.io *.commerce-payment-services.com commerce-payments-sdk.adobe.io *.magento-ds.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.typekit.net google.com *.google.com *.cdn-apple.com *.braintreegateway.com *.magento-datasolutions.com *.adyen.com pay.google.com *.payments-amazon.com *.paypal.com *.ratepay.com *.cash.app *.visa.com *.mastercard.com applepay.cdn-apple.com https://rum.hlx.page www.google.com/recaptcha/ www.gstatic.com/recaptcha/ *.googleapis.com *.gstatic.com widget.freshworks.com m2epro.freshdesk.com *.cloudflare.com *.hamleys.com *.twitter.com *.google-analytics.com *.twimg.com *.yotpo.com js-agent.newrelic.com *.googletagmanager.com *.doubleclick.net maps.googleapis.com *.hotjar.com *.postcodeanywhere.co.uk *.pcapredict.com *.flixfacts.com *.flixcar.com *.flix360.com *.flixgvid.flix360.io re.avekshaa-eam.com *.dynamicyield.com *.conversity.com plausible.io *.usercentrics.eu api.usercentrics.eu analytics.tiktok.com analytics.webgains.io lantern.roeyecdn.com *.dwin1.com *.bing.com *.facebook.net *.salesfire.co.uk *.webgains.io *.particularaudience.com *.clarity.ms *.smartmetrics.co.uk *.facebook.com *.dynamicyield.eu *.commerce.adobedc.net www.xtento.com cdn.xtento.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com fonts.googleapis.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com *.magento-datasolutions.com *.magento-ds.com *.cash.app https://fonts.googleapis.com/ widget.freshworks.com m2epro.freshdesk.com *.hamleys.com 'self' data: *.cloudflare.com *.googleapis.com *.twitter.com *.gstatic.com *.typekit.net getfirebug.com *.google.com *.yotpo.com *.postcodeanywhere.co.uk *.flixgvid.flix360.io *.flixcar.com *.flix360.com re.avekshaa-eam.com *.dynamicyield.com plausible.io *.conversity.com *.usercentrics.eu api.usercentrics.eu *.particularaudience.com *.salesfire.co.uk *.clarity.ms *.smartmetrics.co.uk *.facebook.com *.dynamicyield.eu *.commerce.adobedc.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; manifest-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.google-analytics.com www.googleadservices.com *.analytics.google.com www.googletagmanager.com *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io *.telemetry.adobe.io telemetry.adobe.io p13n.adobe.io p13n-mr.adobe.io *.sentry.io *.sentry-cdn.com plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com livesearch-metrics-qa.magento-datasolutions.com livesearch-metrics.magento-ds.com commerce-int.adobe.io commerce.adobe.io *.snplow.net commerce.adobedc.net *.newrelic.com *.nr-data.net vimeo.com api.magento.com *.adobe.io performance.typekit.net www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.paypal.com google.com *.google.com *.braintreegateway.com *.braintree-api.com *.magento-datasolutions.com *.magento-ds.com * *.adyen.com *.googleapis.com widget.freshworks.com m2epro.freshdesk.com *.hamleys.com *.cloudflare.com *.twitter.com *.yotpo.com stats.g.doubleclick.net *.postcodeanywhere.co.uk re.avekshaa-eam.com *.dynamicyield.com plausible.io *.conversity.com *.usercentrics.eu api.usercentrics.eu analytics.tiktok.com *.particularaudience.com *.facebook.com *.smartmetrics.co.uk *.clarity.ms *.salesfire.co.uk *.dynamicyield.eu *.commerce.adobedc.net 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.search-admin-ui-qa.magento-datasolutions.com search-admin-ui-qa.magento-datasolutions.com *.search-admin-ui.magento-ds.com search-admin-ui.magento-ds.com *.telemetry-dev.adobe.io telemetry-dev.adobe.io amcglobal.sc.omtrdc.net plp-widgets-ui-qa.magento-datasolutions.com plp-widgets-ui.magento.ds.com searchautocompleteqa.magento-datasolutions.com livesearch-autocomplete.magento-ds.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
x-content-type-options: nosniff
content-type: text/html; charset=UTF-8
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-platform-server: i-0bfe0601b80a401c2
x-platform-server: i-0bfe0601b80a401c2
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests;
expires: Fri, 01 May 2026 00:01:19 GMT
Accept-Ranges: bytes
Date: Thu, 30 Apr 2026 09:51:59 GMT
Age: 35437
X-Served-By: cache-lhr-egll1980061-LHR, cache-lhr-egll1980091-LHR
X-Cache: MISS, HIT
X-Cache-Hits: 0, 3
strict-transport-security: max-age=31536000
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Vary: Accept-Encoding,Cookie
X-FRAME-OPTIONS: SAMEORIGIN