| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| X-Cache | MISS, HIT, HIT |
| Vary | Accept-Encoding,Cookie |
| X-Platform-Server | i-0c2824219830152a9 |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Timer | S1744096297.689078,VS0,VE930 |
| Date | Tue, 08 Apr 2025 13:42:33 GMT |
| X-Served-By | cache-iad-kjyo7100120-IAD, cache-iad-kjyo7100154-IAD, cache-ams21030-AMS |
| X-Cache-Hits | 0, 87, 0 |
| Strict-Transport-Security | max-age=31536000 |
| Connection | keep-alive |
| Traceresponse | 00-183446575acbc870840806c4f05e447a-c644031ed840cbae-01 |
| Pragma | cache |
| Expires | Wed, 09 Apr 2025 07:11:36 GMT |
| Cache-Control | no-store, no-cache, must-revalidate, max-age=0 |
| Age | 23455 |
| Content-Type | text/html; charset=UTF-8 |
| X-Xss-Protection | 1; mode=block |
| Content-Security-Policy-Report-Only | font-src *.google.com *.googletagmanager.com *.googleapis.com fonts.gstatic.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com *.amazonaws.com *.shop.pe shop.pe *.juicer.io *.cloudfront.net v2.zopim.com data: *.bootstrapcdn.com *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.dynamicyield.com https://*.gladly.com https://*.smooch.io https://d1fc8wv8zag5ca.cloudfront.net https://media.fbot.me *.gstatic.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.google.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com www.facebook.com *.amazonaws.com *.juicer.io shop.pe *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com https://*.gladly.com https://*.smooch.io https://d1fc8wv8zag5ca.cloudfront.net *.authorize.net *.facebook.com 'self' 'unsafe-inline'; frame-ancestors *.authorize.net 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com bid.g.doubleclick.net www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ www.googletagmanager.com *.dotdigital-pages.com *.dotdigital.com www.google.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com *.amazonaws.com *.juicer.io *.shop.pe shop.pe *.criteo.com assets.bounceexchange.com vars.hotjar.com www.facebook.com imgs.signifyd.com h.online-metrix.net vendor1.leasestation.com amc.demdex.net nsg.symantec.com *.paypalobjects.com www.paypalobjects.com *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.pinterest.com https://nl.fatquartershop.com https://widget.fbot.me *.dynamicyield.com https://*.gladly.com https://*.smooch.io https://d1fc8wv8zag5ca.cloudfront.net cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com *.authorize.net *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com *.ftcdn.net *.behance.net t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com *.youtube.com validator.swagger.io *.trackedlink.net store.paradoxlabs.com *.google.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com *.amazonaws.com *.juicer.io *.shop.pe shop.pe *.fatquartershop.com pixel.voltn.com v2.zopim.com www.google.co.in *.pinterest.com www.facebook.com *.cdnwidget.com u.cdnwidget.com bat.bing.com nsg.symantec.com events.bouncex.net pippio.com p.brsrvr.com connect.facebook.net imgs.signifyd.com events.cdnwidget.com api.bounceexchange.com amc.demdex.net *.e.aa.online-metrix.net match.adsrvr.org yotpo-editor-production.s3.amazonaws.com *.cdninstagram.com *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.clarity.ms *.rqtrk.eu *.dynamicyield.com https://chat-assets.cdn.gladly.com https://chat-assets.cdn.gladly.qa maps.gstatic.com *.facebook.com dhv2ziothpgrr.cloudfront.net data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com www.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.trackedlink.net *.trackedweb.net *.ddlnk.net *.dotdigital-pages.com debug-tracking.dotdigital.internal https://cnstrc.com/js/cust/fat-quarter-shop_Orxy5R.js www.google.com *.googletagmanager.com *.googleapis.com www.gstatic.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com addshoppers.s3.amazonaws.com *.juicer.io *.traversedlp.com *.pinimg.com v2.zopim.com *.shop.pe shop.pe *.criteo.net *.criteo.com *.zdassets.com/ loader.wisepops.com *.cloudfront.net fatquartershop-com-dev.ecomm-nav.com connect.facebook.net vendor1.quickspark.com nsg.symantec.com script.crazyegg.com bat.bing.com tag.bounceexchange.com assets.bounceexchange.com cdn.brcdn.com imgs.signifyd.com cdns.brsrvr.com bam.nr-data.net js-agent.newrelic.com mc.s10.exacttarget.com *.hotjar.com bam-cell.nr-data.net *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.staticw2.yotpo.com https://nl.fatquartershop.com *.rqtrk.eu *.clarity.ms https://static.fbot.me https://campaign.fbot.me *.dynamicyield.com *.zendesk.com https://cnstrc.com https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.6/js/swiper.js https://*.gladly.com https://*.smooch.io https://d1fc8wv8zag5ca.cloudfront.net https://cdnjs.cloudflare.com https://chat-sdk.cdn.gladly.com https://chat-sdk.cdn.gladly.qa d2mjzob2nc713b.cloudfront.net fatquartershop.cdn1.safeopt.com cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com *.authorize.net maps.googleapis.com https://www.googletagmanager.com tagmanager.google.com *.facebook.net unpkg.com dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com d18eg7dreypte5.cloudfront.net 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.google.com *.googletagmanager.com fonts.googleapis.com *.gstatic.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com *.amazonaws.com *.juicer.io *.shop.pe shop.pe events.bouncex.net stats.g.doubleclick.net www.google-analytics.com *.cloudfront.net *.addshoppers.com *.bootstrapcdn.com *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.staticw2.yotpo.com *.dynamicyield.com https://*.gladly.com https://*.smooch.io https://d1fc8wv8zag5ca.cloudfront.net https://chat-sdk.cdn.gladly.com https://chat-sdk.cdn.gladly.qa cdn.dnky.co webchat.dotdigital.com webchat.staging.dotdigital.com tagmanager.google.com *.googleapis.com dhv2ziothpgrr.cloudfront.net 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'unsafe-inline' data: 'unsafe-inline' blob: *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.dynamicyield.com *.zdassets.com/ https://chat-sdk.cdn.gladly.com https://chat-sdk.cdn.gladly.qa 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com *.newrelic.com *.nr-data.net vimeo.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com *.google.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.shareasale.com *.shareasale-analytics.com shareasale.com shareasale-analytics.com bat.bing.com *.amazonaws.com *.juicer.io *.shop.pe shop.pe ekr.zdassets.com script.crazyegg.com *.pinterest.com stats.g.doubleclick.net wss: manager.eu.smartlook.cloud in.hotjar.com staging-core.dxpapi.com core.dxpapi.com imgs.signifyd.com bt.signifyd.com:11103 data.cdnbasket.net ids.cdnwidget.com pd.cdnwidget.com page.cdnbasket.net/ view.cdnbasket.net bam.nr-data.net vc.hotjar.io bam-cell.nr-data.net api.traversedlp.com *.paypal.com *.yotpo.com *.kaltura.com *.nytrng.com nytrng.com *.clarity.ms https://public.fbot.me *.dynamicyield.com *.zendesk.com zendesk-eu.my.sentry.io *.cnstrc.com https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.6/js/swiper.js https://*.gladly.com https://*.smooch.io https://d1fc8wv8zag5ca.cloudfront.net https://api.us-1.gladly.chat wss://ws.us-1.gladly.chat https://chat-assets.cdn.gladly.com https://chat-sdk.cdn.gladly.com https://api.us-uat.gladly.chat wss://ws.us-uat.gladly.chat https://chat-assets.cdn.gladly.qa https://chat-sdk.cdn.gladly.qa webchat.dotdigital.com webchat.staging.dotdigital.com *.authorize.net *.google-analytics.com *.facebook.net dhv2ziothpgrr.cloudfront.net *.smsbump.com 7kgd3hs1oh.execute-api.us-east-1.amazonaws.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; |
| Accept-Ranges | bytes |
| X-Debug-Info | eyJyZXRyaWVzIjowfQ== |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar