HTTP Headers Analysis for https://getdrip.com

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Weak

upgrade-insecure-requests

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Good

no-referrer-when-downgrade

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Significantly strengthen CSP directives
• Add X-Content-Type-Options: nosniff
• Consider adding Permissions-Policy to control browser features

Performance Headers

2 headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Caching Headers

2 headers

Cache-Control

Caching

no-store, no-cache, must-revalidate

Last-Modified

Caching

Thu, 15 Jan 2026 01:36:33 GMT

Content Headers

1 headers

Content-Type

Content

text/html; charset=UTF-8

Server Headers

1 headers

Server

cloudflare

CORS Headers

0 headers

No CORS headers found

Cookies Headers

1 headers

Set-Cookie

Cookies

_cfuvid=SPlDmiPaiChoeH8Lediv1bM5Exf1Txul9qW0TYnG4_8-1768482607202-0.0.1.1-604800000; path=/; domain=.www.drip.com; HttpOnly; Secure; SameSite=None

Other Headers

16 headers

Alt-Svc

Other

h3=":443"; ma=86400

Cf-Ray

Other

9be59c86c879d1bc-IAD

Content-Security-Policy-Report-Only

Other

script-src 'self' 'unsafe-eval' 'unsafe-inline' *.drip.com *.hsappstatic.net *.sleeknote.com *.zdassets.com *.zendesk.com *.hubspot.com *.hubspot.net *.hs-analytics.net *.hs-banner.com *.cloudflare.com *.zi-scripts.com *.g2crowd.com unpkg.com *.tiktok.com *.quora.com *.bing.com *.redditstatic.com *.ads-twitter.com *.licdn.com *.facebook.net *.snapchat.com sc-static.net *.clearbitscripts.com *.dreamdata.cloud *.g2.com ai.g2.com; connect-src 'self' *.drip.com ai.g2.com;

Date

Other

Thu, 15 Jan 2026 13:10:07 GMT

Edge-Cache-Tag

Other

CT-198996763421,CG-1445333,P-1445333,CW-187367335222,CW-187723995475,CW-187732704606,CW-187736388782,CW-187757857916,CW-187759109540,CW-187759882625,CW-187761895974,CW-187764746106,CW-188345391628,CW-68818009367,CW-68821612452,CW-69223255849,CW-80141806705,DB-5374623,DB-5391694,E-187373319518,E-68818140169,E-69183863448,E-69184729983,E-69209306909,E-69211541371,E-69224970586,E-69224971182,E-69224973332,E-69425902911,E-79860969322,E-99603437172,MENU-68849922860,MENU-69097846386,MENU-69130745248,RA-187718956926,RA-187723154688,RA-187723154689,RA-187723154690,RA-187728791984,RA-187729683791,RA-187729683792,RA-187730126710,RA-187815176859,RA-187820143226,RA-187824774322,RA-187824774323,RA-187824893103,RA-187824893104,RA-187824893105,RA-187826437523,RA-187826437524,RA-187826437525,RA-187826890147,RA-187827212886,RA-187869650047,RA-187869650048,RA-187876609055,RA-187877454115,RA-187877454116,RA-196637209371,RA-196637209528,RA-196639841422,RA-196641909803,RA-69283278393,RA-79861085515,PGS-ALL,SW-3,B-68898708904,TS-68818140237

Link

Other

<https://www.drip.com/hubfs/hub_generated/template_assets/1/69184729983/1767856712606/template_main.min.css>; rel=preload; as=style,<https://www.drip.com/hubfs/hub_generated/module_assets/1/187367335222/1763676185915/module_homepage-hero.min.css>; rel=preload; as=style,<https://www.drip.com/hubfs/hub_generated/module_assets/1/80141806705/1754394575299/module_customer-logos.min.css>; rel=preload; as=style,<https://www.drip.com/hubfs/hub_generated/module_assets/1/187723995475/1742676047152/module_homepage-reviews.min.css>; rel=preload; as=style,<https://www.drip.com/hubfs/hub_generated/module_assets/1/187732704606/1747321008745/module_homepage-stats.min.css>; rel=preload; as=style,<https://www.drip.com/hubfs/hub_generated/module_assets/1/187736388782/1742734608121/module_homepage-customer-quote.min.css>; rel=preload; as=style,<https://www.drip.com/hubfs/hub_generated/module_assets/1/187757857916/1762203444587/module_homepage-left-right.min.css>; rel=preload; as=style

Nel

Other

{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}

Report-To

Other

{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EH2AKXxtpxB5B2eM2UXImzUZCotdSeyPte3lkXgXx2pvWwyLaD1f63AjB5g8Oq3sNZfa88O%2BBzd7Q%2FET57JSJanjaNXig46GfcMLJ7FNuRchh2F8MHeucWBamY0rAw%3D%3D"}],"group":"cf-nel","max_age":604800}

X-Hs-Cache-Config

Other

BrowserCache-5s-EdgeCache-0s

X-Hs-Cache-Control

Other

s-maxage=36000, max-age=0

X-Hs-Cf-Cache-Status

Other

HIT

X-Hs-Cfworker-Meta

Other

{"contentType":"SITE_PAGE","resolver":"PreRenderedContentResolver"}

X-Hs-Content-Id

Other

198996763421

X-Hs-Hub-Id

Other

1445333

X-Hs-Portal-Id

Other

1445333

X-Hs-Prerendered

Other

Thu, 15 Jan 2026 01:36:33 GMT

Recommendations

Enable compression (gzip/brotli) to improve performance