Open
Cached
·
just now
25
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; script-src; img-src; +5 more
default-src 'self' 'unsafe-inline' 'unsafe-eval' wss: blob: data: 127.0.0.1 ironcladapp.com *.ironcladapp.com sync-transcend-cdn.com *.transcend-cdn.com *.sync-transcend-cdn.com transcend-cdn.com *.liadm.com *.usbrowserspeed.com *.ip-api.com *.getwarmly.com knotch.com *.knotch.com knotch-cdn.com *.knotch-cdn.com pactsafe.io *.pactsafe.io prod.impartner.live *.impartner.live packages.prmcdn.io pixel-config.reddit.com *.redditstatic.com *.prmcdn.io ironclad.partner-experience.com *.yoast.com *.algolianet.com *.algolia.net *.spotify.com *.storylane.io *.ironcladhq.com *.wpengine.com *.wpenginepowered.com cdn.jsdelivr.net *.transcend.io *.marketo.com *.mutinycdn.com *.mutinyhq.com *.wistia.net *.wistia.com *.mutinyhq.io analytics.google.com *.zi-scripts.com *.adnxs.com *.6sc.co *.crazyegg.com *.oribi.io *.segment.com *.6sense.com *.segment.io *.mktoresp.com *.zoominfo.com *.gravatar.com unpkg.com *.jquery.com www.googletagmanager.com fast.wistia.net *.marketo.net *.doubleclick.net *.bing.com www.googleadservices.com www.google-analytics.co *.facebook.net *.licdn.com *.g2crowd.com ipinfo.io *.qualified.com *.bizible.com *.google-analytics.com *.facebook.com *.linkedin.com *.google.com *.google.co.in *.bizibly.com *.googleapis.com *.googlesyndication.com googlesyndication.com page2.googlesyndication.com *.googlesyndication.com *.capterra.com securityscorecard.com *.litix.io *.tryinteract.com *.knotch.it *.mindtickle.com *.cookielaw.org *.onetrust.com *.sayprimer.com *.ipapi.co ipapi.co js-de.sentry-cdn.com browser.sentry-cdn.com sentry-cdn.com *.sentry-cdn.com cdn.optimizely.com logx.optimizely.com tr.capterra.com a6371731711983616.cdn.optimizely.com app.optimizely.com api.zaius.com *.zaius.com d1igp3oop3iho5.cloudfront.net www.clarity.ms *.pdscrb.com www.clarity.ms *.pdscrb.com *.clarity.ms; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: wss: 127.0.0.1 *.ashbyhq.com https://tags.fullcontact.com *.remarketstats.com *.redditstatic.com *.liadm.com *.usbrowserspeed.com *.getwarmly.com *.amazonaws.com transcend-cdn.com www.knotch-cdn.com *.knotch-cdn.com yoast.com *.yoast.com prod.impartner.live *.impartner.live packages.prmcdn.io *.prmcdn.io *.spotify.com *.cloudfront.net *.pactsafe.io *.storylane.io *.ironcladapp.com *.ironcladhq.com *.wpengine.com *.wpenginepowered.com cdn.jsdelivr.net *.transcend.io *.marketo.com *.mutinycdn.com *.wistia.net *.wistia.com *.mutinyhq.io analytics.google.com *.zi-scripts.com *.adnxs.com *.6sc.co *.crazyegg.com *.oribi.io *.segment.com *.6sense.com *.segment.io *.mktoresp.com *.zoominfo.com *.gravatar.com unpkg.com *.jquery.com www.googletagmanager.com fast.wistia.net *.marketo.net *.doubleclick.net *.bing.com www.googleadservices.com www.google-analytics.co *.facebook.net *.licdn.com *.g2crowd.com ipinfo.io *.qualified.com *.bizible.com *.google-analytics.com *.facebook.com *.linkedin.com *.google.com *.google.co.in *.bizibly.com *.googleapis.com *.googlesyndication.com googlesyndication.com page2.googlesyndication.com *.googlesyndication.com *.capterra.com securityscorecard.com *.litix.io *.tryinteract.com *.mindtickle.com *.cookielaw.org *.onetrust.com *.sayprimer.com *.ipapi.co ipapi.co js-de.sentry-cdn.com browser.sentry-cdn.com sentry-cdn.com *.sentry-cdn.com cdn.optimizely.com logx.optimizely.com tr.capterra.com a6371731711983616.cdn.optimizely.com app.optimizely.com api.zaius.com *.zaius.com d1igp3oop3iho5.cloudfront.net www.clarity.ms *.pdscrb.com www.clarity.ms *.pdscrb.com *.clarity.ms; img-src 'self' blob: data: wss: files.bugherd.com www.bugherd.com *.addevent.com https://www.bugherd.com *.spotify.com alb.reddit.com pixel-config.reddit.com *.akamaihd.net *.cloudfront.net *.pactsafe.io *.storylane.io *.ironcladhq.com *.wpengine.com *.wpenginepowered.com cdn.jsdelivr.net *.transcend.io *.marketo.com *.mutinycdn.com *.wistia.net *.wistia.com *.mutinyhq.io analytics.google.com *.zi-scripts.com *.adnxs.com *.6sc.co *.crazyegg.com *.oribi.io *.segment.com *.6sense.com *.segment.io *.mktoresp.com *.zoominfo.com *.gravatar.com unpkg.com *.jquery.com www.googletagmanager.com fast.wistia.net *.marketo.net *.doubleclick.net *.bing.com www.googleadservices.com www.google-analytics.co *.facebook.net *.licdn.com *.g2crowd.com ipinfo.io *.qualified.com *.bizible.com *.google-analytics.com *.facebook.com *.linkedin.com *.google.com *.google.co.in *.bizibly.com *.googleapis.com *.googlesyndication.com googlesyndication.com page2.googlesyndication.com *.googlesyndication.com *.capterra.com securityscorecard.com *.litix.io *.tryinteract.com *.knotch.it *.mindtickle.com *.cookielaw.org *.onetrust.com cdn.optimizely.com logx.optimizely.com tr.capterra.com a6371731711983616.cdn.optimizely.com app.optimizely.com api.zaius.com *.zaius.com d1igp3oop3iho5.cloudfront.net www.clarity.ms *.pdscrb.com www.clarity.ms *.pdscrb.com *.clarity.ms; font-src 'self' wss: blob: data: *.transcend.io *.lottiefiles.com *.mutinycdn.com ipinfo.io *.ironcladhq.com *.wpengine.com *.wpenginepowered.com *.wistia.net *.wistia.com *.gstatic.com *.tryinteract.com fast.wistia.net *.mindtickle.com api.zaius.com *.zaius.com d1igp3oop3iho5.cloudfront.net www.clarity.ms *.pdscrb.com www.clarity.ms *.pdscrb.com *.clarity.ms; media-src 'self' blob: data: wss: *.transcend.io *.ironcladhq.com *.wpengine.com ipinfo.io *.wpenginepowered.com *.storylane.io *.mutinycdn.com *.litix.io *.tryinteract.com *.wistia.com fast.wistia.net *.mindtickle.com *.cookielaw.org *.onetrust.com api.zaius.com *.zaius.com d1igp3oop3iho5.cloudfront.net www.clarity.ms *.pdscrb.com www.clarity.ms *.pdscrb.com *.clarity.ms; frame-ancestors https://ironcladapp.wpenginepowered.com *.wistia.net *.ashbyhq.com *.wistia.com *.mindtickle.com *.cookielaw.org *.onetrust.com *.bugsnag.com *.ashbyhq.com www.clarity.ms *.pdscrb.com www.clarity.ms *.pdscrb.com *.clarity.ms; connect-src 'self' http://www.w3.org https://www.w3.org https://www.googletagmanager.com https://www.facebook.com https://bat.bing.com https://tracking-api.g2.com https://stats.g.doubleclick.net https://pagestates-tracking.crazyegg.com https://api.fullcontact.com https://assets-tracking.crazyegg.com https://idx.liadm.com https://www.redditstatic.com https://conversions-config.reddit.com https://528-qbh-821.mktoresp.com https://tracking.crazyegg.com https://rp.liadm.com https://script.crazyegg.com https://cdn.segment.com https://api.segment.io https://www.googleadservices.com https://pixel-config.reddit.com https://web-script.api.sayprimer.com https://www.google.com https://analytics.google.com https://ipinfo.io https://app.qualified.com wss://ws2.qualified.com https://px.ads.linkedin.com *.bugsnag.com *.ashbyhq.com *.cookielaw.org https://unpkg.com *.onetrust.com https://epsilon.6sense.com https://ipapi.co https://*.6sc.co https://j.6sc.co https://secure.adnxs.com *.mutinycdn.com *.mutinyhq.io *.google-analytics.com *.googlesyndication.com googlesyndication.com page2.googlesyndication.com *.googlesyndication.com js-de.sentry-cdn.com browser.sentry-cdn.com sentry-cdn.com *.sentry-cdn.com https://o196550.ingest.us.sentry.io *.ingest.us.sentry.io cdn.optimizely.com logx.optimizely.com tr.capterra.com a6371731711983616.cdn.optimizely.com app.optimizely.com api.zaius.com *.zaius.com d1igp3oop3iho5.cloudfront.net www.clarity.ms *.pdscrb.com www.clarity.ms *.pdscrb.com *.clarity.ms; frame-src 'self' blob: *.ashbyhq.com https://quiz.tryinteract.com https://explore.ironcladapp.com https://*.ironcladhq.com https://ironclad.storylane.io https://fast.wistia.net https://www.google.com https://analytics.google.com https://ipinfo.io https://app.qualified.com wss://ws2.qualified.com https://px.ads.linkedin.com https://www.googletagmanager.com https://i.liadm.com https://accounts.google.com https://googlesyndication.com https://page2.googlesyndication.com https://*.googlesyndication.com cdn.optimizely.com logx.optimizely.com a6371731711983616.cdn.optimizely.com app.optimizely.com api.zaius.com *.zaius.com d1igp3oop3iho5.cloudfront.net www.clarity.ms *.pdscrb.com www.clarity.ms *.pdscrb.com *.clarity.ms;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
4 headers
Accept-Ranges
Performance
bytes
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding
Caching Headers
3 headers
Cache-Control
Caching
no-store, no-cache, must-revalidate, private
Expires
Caching
0
Pragma
Caching
no-cache
Content Headers
1 headers
Content-Type
Content
text/html; charset=UTF-8
Server Headers
1 headers
X-Powered-By
Server
WP Engine
CORS Headers
3 headers
Access-Control-Allow-Headers
Cors
Authorization, Content-Type
Access-Control-Allow-Methods
Cors
GET, POST, OPTIONS
Access-Control-Allow-Origin
Cors
https://ironcladapp.wpengine.com
Cookies Headers
0 headers
No cookies headers found
Other Headers
8 headers
Alt-Svc
Other
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Date
Other
Thu, 15 Jan 2026 13:16:25 GMT
Via
Other
1.1 google
X-Cache
Other
MISS
X-Cache-Group
Other
normal
X-Cacheable
Other
NO:Private
X-Mu-Proof
Other
1
X-Orig-Cache-Control
Other
no-store, no-cache, must-revalidate, private
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology