HTTP Headers report for slot.ng

Header Name	Header Data
HTTP status code	200
X-Magento-Tags	cat_c,cat_c_3,cat_c_7,cat_c_19,cat_c_25,cat_c_28,cat_c_45,cat_c_162,cat_c_171,cat_c_172,cat_c_181,cat_c_182,cat_c_191,cat_c_192,cat_c_194,store,cms_b,mp_smtp_script,cms_p_57,cms_b_default_topbar_advertisement,cms_b_default_topbar_shipping,cms_b_default_topbar_menu,cms_b_default_header_hotline,cms_b_default_header_static_text,cat_p,cat_c_200,cat_c_46,cat_c_6,cat_c_54,cat_c_56,cat_c_60,cat_c_57,cat_c_53,cat_c_176,cat_c_61,cat_c_62,cat_c_157,cat_c_48,178,cat_c_47,cat_c_49,cat_c_50,cat_c_51,cat_c_20,cat_c_64,146,73,76,cat_c_71,69,124,72,cat_c_65,66,101,138,cat_c_74,75,8,10,11,cat_c_87,137,cat_c_115,cat_c_113,cat_c_144,108,cat_c_89,cat_c_140,150,88,cat_c_106,cat_c_95,cat_c_2,9,mfb_p_0,cms_b_default_footer_newsletter,cms_b_default_footer_about_store,cms_b_default_footer_categories,cms_b_default_footer_information,cms_b_default_useful_link,cms_b_default_footer_subscriber,cms_b_default_footer_horizontal_menu,FPC
X-Magento-Cache-Debug	HIT
Content-Security-Policy	font-src .typekit.net .gstatic.com fonts.gstatic.com use.typekit.net .fontawesome.com https://fonts.gstatic.com 'self' data: .cloudflare.com .twitter.com .twimg.com .trustedshops.com .googleapis.com .google.com .youtube.com https://css.zohocdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com .paypal.com .cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com .wirecard.com acs.sia.eu .touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com .monzo.com .arcot.com .wlp-acs.com .twitter.com .google.com .youtube.com maps.googleapis.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net .adobe.com bid.g.doubleclick.net .youtube.com .youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ .braintreegateway.com .paypal.com google.com .google.com .cdl.test.lendastack.io https://player.vimeo.com https://www.youtube-nocookie.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com .cardinalcommerce.com .twitter.com .facebook.com maps.googleapis.com lightwidget.com .maps.gstatic.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net .adobe.com widgets.magentocommerce.com 'self' data: www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net analytics.google.com www.googletagmanager.com .ftcdn.net .behance.net data: t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com .vimeocdn.com i.ytimg.com .youtube.com .paypal.com .typekit.net .gstatic.com p.typekit.net validator.swagger.io https://meetanshi.com https://updates.themepunch.tools http://updates.themepunch.tools https://updates.themepunch-ext-a.tools http://updates.themepunch-ext-a.tools https://updates.themepunch-ext-b.tools http://updates.themepunch-ext-b.tools https://dev.sliderrevolution.com https://revolution.themepunch.com http://revolution5.themepunch.com http://pbs.twimg.com https://pbs.twimg.com http://scontent.cdninstagram.com https://img.youtube.com http://live.staticflickr.com https://live.staticflickr.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com .cloudflare.com .klarna.com .googleadservices.com .google-analytics.com .twitter.com .twimg.com .ytimg.com .lightemporium.com .usercentrics.eu .google.com maps.googleapis.com s7.addthis.com .addthis.com .moatads.com .addthisedge.com .facebook.com .googleapis.com .placeholder.com .maps.gstatic.com https://us4-files.zohopublic.com https://css.zohocdn.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com .adobe.com www.googleadservices.com www.google-analytics.com googleads.g.doubleclick.net analytics.google.com www.googletagmanager.com .newrelic.com .nr-data.net geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com .vimeocdn.com .youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ .commerce-payment-services.com .typekit.net google.com .google.com amcglobal.sc.omtrdc.net .magento-ds.com use.typekit.net https://checkout.creditdirect.ng s7.addthis.com .avada.io https://player.vimeo.com https://www.youtube.com js.braintreegateway.com assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com .paypal.com songbirdstag.cardinalcommerce.com .cloudflare.com .twitter.com .google-analytics.com .twimg.com .gstatic.com .trustedshops.com .usercentrics.eu .fontawesome.com maps.googleapis.com .facebook.net cdn.lightwidget.com .instagram.com .cdninstagram.com .addthis.com .moatads.com .addthisedge.com .googleapis.com .placeholder.com .maps.gstatic.com https://salesiq.zohopublic.com https://js.zohocdn.com https://static.zohocdn.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src .adobe.com fonts.googleapis.com .fontawesome.com https://fonts.googleapis.com http://fonts.googleapis.com assets.braintreegateway.com .cloudflare.com .googleapis.com .twitter.com .twimg.com .gstatic.com .typekit.net .trustedshops.com .usercentrics.eu .google.com .youtube.com maps.googleapis.com .cdninstagram.com s7.addthis.com .addthis.com .moatads.com .addthisedge.com .facebook.com .placeholder.com .maps.gstatic.com https://css.zohocdn.com https://static.zohocdn.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src .adobe.com blob: https://static.zohocdn.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.google-analytics.com www.googleadservices.com analytics.google.com www.googletagmanager.com .newrelic.com .nr-data.net vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com .paypal.com google.com .google.com .adobe.io performance.typekit.net .sentry.io checkout.creditdirect.ng ekr.zdassets.com/ https://get.geojs.io .avada.io https://fonts.googleapis.com https://fonts.gstatic.com https://api.weatherbit.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com .braintree-api.com .cardinalcommerce.com .cloudflare.com .twitter.com .twimg.com .youtube.com maps.googleapis.com facebook.net .maps.gstatic.com https://salesiq.zohopublic.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com .paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src .checkout.creditdirect.ng .google.com .cloudinary.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
Date	Sun, 20 Apr 2025 00:11:00 GMT
Content-Type	text/html; charset=UTF-8
Server	cloudflare
X-Magento-Cache-Control	max-age=86400, public, s-maxage=86400
Vary	Accept-Encoding
Strict-Transport-Security	max-age=0; preload
Set-Cookie	PHPSESSID=vk5i35b8plhk5imo63seor4vts; HttpOnly; SameSite=Lax; Secure; Path=/; Domain=slot.ng; Max-Age=2592000; Expires=Tue, 20 May 2025 00:11:00 GMT
Alt-Svc	h3=":443"; ma=86400
Server-Timing	cfL4;desc="?proto=TCP&rtt=962&min_rtt=907&rtt_var=287&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2792&recv_bytes=1892&delivery_rate=3192943&cwnd=194&unsent_bytes=0&cid=60ae6cac570d7f86&ts=303&x=0"
Connection	keep-alive
X-Xss-Protection	1; mode=block
Report-To	{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivgJjyXc%2BzrDlK8ItuJZcbI7gsdZk%2B0zZ8CMx15cAT7ETlXTEqcp7K4kDit%2F5Y%2FIE%2BjgFw%2F1GQOpNThaClhoQx6%2F%2Bm3rur7J37rdgTEZG0YWl19xqj4%2Fdn70"}],"group":"cf-nel","max_age":604800}
Cache-Control	max-age=0, must-revalidate, no-cache, no-store
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
Cf-Cache-Status	DYNAMIC
Nel	{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Ray	93306bff1fc3b8c1-AMS
Pragma	no-cache
Expires	Fri, 19 Apr 2024 23:27:57 GMT

About the tool

By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.

This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.

We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.

Watch it now at TrustRadar