Hotjar
Hotjar is a product-analytics tool that records heatmaps, session replays and on-site surveys. ScanMalware detects it from the static.hotjar.com loader and its tracking calls.
Session-recording scripts capture detailed visitor interaction and have broad page access, which makes them notable both for privacy and as significant third-party code running on the site.
Commonly deployed alongside Hotjar
Of the 2,700 public scans where Hotjar was detected, these are the technologies most often present on the same site. The share is the percentage of Hotjar sites that also ran each one.
| Technology | Category | Share of Hotjar sites |
|---|---|---|
| Google Analytics | wappalyzer | 93.9% |
| Google Tag Manager | wappalyzer | 82.72% |
| Open-Graph-Protocol | miscellaneous | 63.12% |
| jQuery | wappalyzer | 59.38% |
| Facebook Pixel | wappalyzer | 54.61% |
| HSTS | wappalyzer | 48.21% |
| Google-Analytics | miscellaneous | 46.91% |
| Cloudflare | wappalyzer | 44.32% |
| JQuery | miscellaneous | 39.73% |
| Cloudflare Bot Management | wappalyzer | 35.04% |
| PHP | wappalyzer | 34.74% |
| MetaGenerator | miscellaneous | 34.63% |
| X-UA-Compatible | miscellaneous | 34.3% |
| PoweredBy | miscellaneous | 33.3% |
How ScanMalware detects Hotjar
Hotjar is detected by analysing the response headers, HTML markup, JavaScript runtime and asset URLs captured when ScanMalware loads the site in a real headless browser.
From any scan you can pivot into related signals — JARM TLS fingerprints, ASN ownership and BGP routing, certificate history, JavaScript analysis and the overall security verdict — to understand not just that Hotjar is present, but how it is being used. Open the full search interface for Hotjar →
Recent public scans featuring Hotjar
A rolling sample of recent public scans where Hotjar was detected. Listing a site here is not a safety judgement — open a scan to see its full verdict.
| Site | Scanned |
|---|---|
| Media Now Interactive | Media Planning and Buying https://mni.com | 2026-06-16 |
| Change Grow Live | Charity | We can help you change your life https://www.changegrowlive.org | 2026-06-16 |
| Water Treatment Systems | Kinetico | Kinetico Water Systems https://www.kinetico.com | 2026-06-16 |
| Esteio Gestão | Software de Gestão Pecuária Simplificado https://esteiogestao.com.br | 2026-06-16 |
| Low Cost, High Performance S3 Compatible Object Storage https://cdn.deepswapper.com | 2026-06-16 |
| Orthodontic Practice Growth | Gaidge Stats & Consulting https://gaidge.com | 2026-06-16 |
| Dudley College of Technology - Get Ahead http://www.dudleycol.ac.uk | 2026-06-16 |
| Official Website of the Courtauld Institute of Art http://www.courtauld.ac.uk | 2026-06-16 |
Frequently asked questions about Hotjar
- Does using Hotjar mean a website is unsafe?
- No. Hotjar is a stack component, not a verdict. ScanMalware scores the whole page — its scripts, redirects, certificates, threat-intelligence matches and behaviour — so a site using Hotjar can be perfectly safe or actively malicious.
- How many sites using Hotjar has ScanMalware scanned?
- Hotjar has been detected in 2,700 public scans on ScanMalware.com. Each scan is a real headless-browser visit, and the figure updates as new URLs are submitted.
- What technologies are commonly used with Hotjar?
- Across scanned sites, Hotjar is most often seen alongside Google Analytics, Google Tag Manager and Open-Graph-Protocol. The full co-occurrence breakdown is listed on this page.
Browse all profiled technologies on the technology index, or scan a URL to see its full stack.