hottools.com | Analytics by SecurityHeaders

HTTP Headers report for hottools.com

Header Name Header Data
HTTP status code 200
Cf-Cache-Status DYNAMIC
Via 1.1 varnish, 1.1 varnish
Content-Security-Policy font-src *.lightboxcdn.com *.yotpo.com *.gstatic.com data: fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com *.cloudflare.com *.twitter.com *.typekit.net *.twimg.com *.trustedshops.com https://fonts.gstatic.com channels.magento.com qaapp02.xisecurenet.com *.paymetric.com hottools.us15.list-manage.com www.facebook.com facebook.com *.hottools.com *.fontawesome.com *.bootstrapcdn.com https://www.google.com https://www.gstatic.com 'self' 'unsafe-inline';form-action *.yotpo.com secure.authorize.net test.authorize.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.facebook.com connect.facebook.net https://cert-xiecomm.paymetric.com *.paymetric.com *.hottools.com 'self' data: https://hottools.us15.list-manage.com/ *.twitter.com https://seo.mageplaza.com 'self' 'unsafe-inline';frame-ancestors www.gstatic.com 'self' 'unsafe-inline';frame-src www.elegantthemes.com *.lightboxcdn.com *.yotpo.com ct.pinterest.com www.google.com/recaptcha/ fast.amc.demdex.net secure.authorize.net test.authorize.net www.googletagmanager.com www.paypal.com www.sandbox.paypal.com player.vimeo.com www.google.com *.weltpixel.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.youtube.com www.facebook.com connect.facebook.net amc.demdex.net *.doubleclick.net vars.hotjar.com checkoutshopper-test.adyen.com qaapp02.xisecurenet.com bid.g.doubleclick.net assets.adobedtm.com www.weltpixel.com www.xtento.com https://public.cobrowse.oraclecloud.com *.mouseflow.com/ *.xisecurenet.com *.paymetric.com https://cert-xiecomm.paymetric.com *.trustarc.com imgs.signifyd.com h.online-metrix.net helenoftroy--tst1.custhelp.com helenoftroy--tst3.custhelp.com helenoftroy.custhelp.com *.hottools.com *.sdiapi.com *.twitter.com *.google.com *.addthis.com *.hotjar.com *.adsrvr.org *.cloudfront.net *.cloudflareinsights.com *.oraclecloud.com *.pur.com *.honeywellpluggedin.com *.vickshumidifiers.com *.stingerproducts.com *.febrezeairpurifiers.com *.oxo.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com https://*.online-metrix.net https://imgs.signifyd.com 'self' 'unsafe-inline';img-src secure.gravatar.com gethatch.com *.lightboxcdn.com *.yotpo.com assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net data: www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com *.gstatic.com *.googleapis.com maps.googleapis.com maps.gstatic.com *.cloudflare.com gethatch.com pixel.quantserve.com stats.g.doubleclick.net *.google.com *.facebook.com *.paypal.com network-eu-stg.bazaarvoice.com checkoutshopper-test.adyen.com www.googleads.g.doubleclick.net www.google.co.in googleads.g.doubleclick.net landofcoder.com cdn.klarna.com www.xtento.com cdn.xtento.com www.magentocommerce.com gallery.mailchimp.com https://www.googletagmanager.com https://qaapp02.xisecurenet.com *.paymetric.com *.trustarc.com imgs.signifyd.com w2txo5aapsvnlbfopfq5kti3furj22hsurgjt6nie6d3a46433edf973sac.d.aa.online-metrix.net https://w2txo5aapsvnlbfopfq5kti3furj22hsurgjt6nib9f626b15f11b117sac.d.aa.online-metrix.net w2txo5aapsvnlbfopfq5kti3furj22hsurgjt6nib9f626b15f11b117sac.d.aa.online-metrix.net consent.truste.com *.d.aa.online-metrix.net *.e.aa.online-metrix.net *.f.aa.online-metrix.net i.ytimg.com *.hottools.com *.cdninstagram.com *.fbcdn.net *.googleadservices.com *.google-analytics.com *.twitter.com t.co *.custhelp.com *.rnengage.com *.omtrdc.net *.trustarc.com *.pinterest.com *.signifyd.com *.doubleclick.net *.ytimg.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com https://imgs.signifyd.com https://*.online-metrix.net 'self' 'unsafe-inline';script-src maps.googleapis.com gethatch.com *.gethatch.com cdnjs.cloudflare.com *.azurewebsites.net *.lightboxcdn.com *.yotpo.com *.youtube.com static.doubleclick.net *.ads-twitter.com www.google.com www.googleoptimize.com assets.adobedtm.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.googletagmanager.com www.paypalobjects.com js.braintreegateway.com www.paypal.com www.sandbox.paypal.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com *.vimeocdn.com www.youtube.com apis.google.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ maps.googleapis.com maps.gstatic.com fonts.googleapis.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com js.authorize.net jstest.authorize.net *.google-analytics.com cdn-scripts.signifyd.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com qaapp02.xisecurenet.com channels.magento.com cdn.wootric.com cdn-assets.rapidspike.com cdnjs.cloudflare.com *.www.googletagmanager.com tagmanager.google.com *.instagram.com *.google.com *.gstatic.com ajax.cloudflare.com js-agent.newrelic.com https://public.cobrowse.oraclecloud.com *.mouseflow.com/ s3.amazonaws.com *.oraclecloud.com https://qaapp02.xisecurenet.com *.paymetric.com *.trustarc.com *.nr-data.net imgs.signifyd.com *.sdiapi.com *.hottools.com *.iterable.com *.cloudflare.com *.twitter.com *.ads-twitter.com googletagmanager.com *.trustedshops.com *.fontawesome.com *.addthis.com s7.addthis.com m.addthis.com z.moatads.com *.addthisedge.com graph.facebook.com *.facebook.net widgets.pinterest.com *.hotjar.com *.doubleclick.net *.custhelp.com *.rnengage.com *.rapidspike.com *.atgsvcs.com *.trustarc.com *.livelook.com *.newrelic.com *.pinimg.com sc-static.net *.signifyd.com *.googleapis.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com ajax.googleapis.com https://www.googletagmanager.com www.xtento.com cdn.xtento.com https://cdn-scripts.signifyd.com https://imgs.signifyd.com 'self' 'unsafe-inline' 'unsafe-eval';style-src *.lightboxcdn.com *.yotpo.com getfirebug.com fonts.googleapis.com *.cloudflare.com *.googleapis.com *.twitter.com *.twimg.com *.gstatic.com *.typekit.net *.trustedshops.com *.usercentrics.eu *.fontawesome.com *.bootstrapcdn.com channels.magento.com tagmanager.google.com *.oraclecloud.com *.mouseflow.com/ cdn-images.mailchimp.com https://qaapp02.xisecurenet.com *.paymetric.com *.hottools.com *.custhelp.com *.google.com unsafe-inline 'self' 'unsafe-inline';object-src 'self' 'unsafe-inline';media-src *.yotpo.com https://magento.com https://devdocs.magento.com *.hottools.com 'self' 'unsafe-inline';manifest-src 'self' 'unsafe-inline';connect-src maps.googleapis.com gethatch.com *.gethatch.com *.yotpo.com *.algolia.net api.addressy.com api.iterable.com *.algolianet.com lib-us-1.brilliantcollector.com dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.facebook.com connect.facebook.net www.sandbox.paypal.com *.cloudflare.com *.twitter.com *.paypal.com *.twimg.com data-a495851.data.us2.oraclecloud.com www.google-analytics.com channels.magento.com cdn.wootric.com eligibility.wootric.com wootric-eligibility.herokuapp.com *.rapidspike.com stats.g.doubleclick.net *.oraclecloud.com *.mouseflow.com/ *.instagram.com https://qaapp02.xisecurenet.com *.paymetric.com *.nr-data.net imgs.signifyd.com *.sdiapi.com *.signifyd.com *.trustarc.com *.hottools.com *.hotjar.com *.hotjar.io *.doubleclick.net *.atgsvcs.com *.pinterest.com *.google-analytics.com http://dpm.demdex.net https://www.google.com https://www.gstatic.com www.paypal.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com https://www.google-analytics.com *.googleusercontent.com https://imgs.signifyd.com 'self' 'unsafe-inline';child-src assets.braintreegateway.com c.paypal.com http: https: blob: 'self' 'unsafe-inline';default-src 'self' 'unsafe-inline' 'unsafe-eval';base-uri 'self' 'unsafe-inline';
Content-Security-Policy-Set Not Set - Implied, US
X-Cache-Hits 11, 0
Date Tue, 08 Apr 2025 03:02:49 GMT
Connection keep-alive
Cache-Control public, max-age=600
Strict-Transport-Security max-age=300
Vary Accept-Encoding, Cookie, Cookie
X-Cache HIT, MISS
X-Served-By cache-chi-klot8100037-CHI, cache-rtm-ehrd2290042-RTM
X-Styx-Req-Id fec5ee1e-1424-11f0-86d8-c64238d80d34
Age 411
X-Pantheon-Styx-Hostname styx-fe4-b-79d9f55b98-wwcs7
X-Timer S1744081369.321627,VS0,VE100
Content-Type text/html; charset=UTF-8
Link <https://www.hottools.com/wp-json/>; rel="https://api.w.org/", <https://www.hottools.com/wp-json/wp/v2/pages/65>; rel="alternate"; type="application/json", <https://www.hottools.com/>; rel=shortlink
Cf-Ray 92ce872e1a50a012-AMS
Server cloudflare

About the tool

By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.

This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.

We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.

Watch it now at TrustRadar