Open
Cached
·
just now
29
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
Basic
script-src; img-src; object-src; +1 more
script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://www.googletagmanager.com/ https://js.navattic.com/ https://capture.navattic.com/ https://js.hs-scripts.com/ https://bat.bing.com/ https://connect.facebook.net/ https://t.visitorqueue.com/ https://js.driftt.com/ https://tracking.g2crowd.com/ https://www.clarity.ms/ https://i.clarity.ms/ https://snap.licdn.com/ https://tag.pearldiver.io/ https://googleads.g.doubleclick.net/ https://js.hs-analytics.net/ https://js.hubspot.com/ https://track.hubspot.com/ https://js.hsleadflows.net/ https://js.hs-banner.com/ https://js.hsadspixel.net/ https://js.zi-scripts.com/ https://ws-assets.zoominfo.com/ https://a.usbrowserspeed.com/ https://tags.clickagy.com/ https://js.adsrvr.org/ https://i.liadm.com/ https://js.hsforms.net/ https://*.fs1.hubspotusercontent-na1.net/ https://20898597.fs1.hubspotusercontent-na1.net/ https://js.chilipiper.com/ https://www.clickcease.com/ https://boards.greenhouse.io/ https://www.tfaforms.com/ https://www.google.com/ https://c.clarity.ms/ https://assets.adobedtm.com/ https://twin-iq.kickfire.com/ https://demo.rectanglehealth.com/ https://stackadapt.com https://tags.srv.stackadapt.com https://srv.stackadapt.com https://ap.srv.stackadapt.com/ https://east.srv.stackadapt.com https://uw.srv.stackadapt.com https://eu.srv.stackadapt.com https://qvdt3feo.com/ https://www.gstatic.com https://scripts.clarity.ms https://nitroscripts.com/ https://*.visitorqueue.com/ https://*.personizely.net https://www.rectanglehealth.com/; img-src 'self' data: blob: https://t.visitorqueue.com/ https://px.ads.linkedin.com/ https://www.facebook.com/ https://perf-na1.hsforms.com/ https://www.google.com/ https://bat.bing.com/ https://track.hubspot.com/ https://aorta.clickagy.com/ https://us-u.openx.net/ https://i.liadm.com/ https://idsync.rlcdn.com/ https://dpm.demdex.net/ https://pixel-sync.sitescout.com/ https://forms-na1.hsforms.com/ https://www.googletagmanager.com/ https://images.g2crowd.com/ https://googleads.g.doubleclick.net/ https://aa.agkn.com/ https://www.linkedin.com/ https://c.clarity.ms/ https://c.bing.com/ https://d.agkn.com/ https://cm.g.doubleclick.net/ https://assets.adobedtm.com/ https://twin-iq.kickfire.com/ https://tags.srv.stackadapt.com https://*.ads.linkedin.com/ https://*.visitorqueue.com/ https://*.personizely.net https://www.rectanglehealth.com/; object-src 'self' data: blob: https://demo.rectanglehealth.com/ https://www.googletagmanager.com/ https://td.doubleclick.net/ https://js.driftt.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://i.liadm.com/ https://s.pointerpro.com/ https://job-boards.greenhouse.io/ https://www.tfaforms.com/ https://*.personizely.net https://pcihipaa.com/ https://rectanglehealth.chilipiper.com/ https://forms.hsforms.com/ https://c.clarity.ms/ https://*.youtube.com/ https://youtube.com/ https://assets.adobedtm.com https://*.fls.doubleclick.net/ https://track.hubspot.com/ https://capture.navattic.com/ https://tags.srv.stackadapt.com https://www.google.com; frame-src 'self' data: blob: https://demo.rectanglehealth.com/ https://www.googletagmanager.com/ https://td.doubleclick.net/ https://js.driftt.com/ https://insight.adsrvr.org/ https://match.adsrvr.org/ https://i.liadm.com/ https://s.pointerpro.com/ https://job-boards.greenhouse.io/ https://www.tfaforms.com/ https://*.personizely.net https://pcihipaa.com/ https://rectanglehealth.chilipiper.com/ https://forms.hsforms.com/ https://c.clarity.ms/ https://*.youtube.com/ https://youtube.com/ https://assets.adobedtm.com https://*.fls.doubleclick.net/ https://track.hubspot.com/ https://capture.navattic.com/ https://tags.srv.stackadapt.com https://www.google.com
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding,Cookie
Caching Headers
2 headers
Cache-Control
Caching
max-age=600, must-revalidate
Last-Modified
Caching
Sun, 18 Jan 2026 15:55:53 GMT
Content Headers
1 headers
Content-Type
Content
text/html; charset=UTF-8
Server Headers
2 headers
Server
Server
cloudflare
X-Powered-By
Server
WP Engine
CORS Headers
1 headers
Access-Control-Allow-Origin
Cors
https://www.rectanglehealth.com
Cookies Headers
1 headers
Set-Cookie
Cookies
__cf_bm=eETjwcz9ab1wB1PRm8tmROi.ydDkcfQwKw9AYvnYefo-1768751753-1.0.1.1-oTgyfwx60s1dpNH6EyxJwqqS2KeOoeFUqmhryGl9bc5Osx.2kDqkgQj2h0t.9vvA8UYxGaXcm11Qxw7nna0DdjpD7NBIzGTcHDP1wCQr.JI; path=/; expires=Sun, 18-Jan-26 16:25:53 GMT; domain=.www.rectanglehealth.com; HttpOnly; Secure; SameSite=None
Other Headers
14 headers
Accept-Ch
Other
Sec-CH-UA-Mobile
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
EXPIRED
Cf-Ray
Other
9bff477bedc43b5a-IAD
Date
Other
Sun, 18 Jan 2026 15:55:53 GMT
Link
Other
<https://www.rectanglehealth.com/>; rel=shortlink
X-Cache
Other
HIT: 16
X-Cache-Ctime
Other
1768598631
X-Cache-Group
Other
normal
X-Cacheable
Other
SHORT
X-Nitro-Cache
Other
HIT
X-Nitro-Cache-From
Other
drop-in
X-Nitro-Rev
Other
6bc4b66
X-Orig-Cache-Control
Other
no-cache
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology