Open
Cached
·
just now
29
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; script-src; connect-src; +5 more
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors 'self' http://alteryx.lookbookhq.com https://alteryx.lookbookhq.com http://alteryx.pathfactory.com https://alteryx.pathfactory.com https://int.bender.rocks https://ayx-sandbox.bender.rocks https://flexo.bender.rocks https://fry.bender.rocks https://perf.bender.rocks https://aml.bender.rocks https://au1.alteryxcloud.com https://eu1.alteryxcloud.com https://preprod.alteryxcloud.com https://us1.alteryxcloud.com https://app.optimizely.com;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
same-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding,Cookie
Caching Headers
1 headers
Cache-Control
Caching
no-store, no-cache, must-revalidate, max-age=0
Content Headers
1 headers
Content-Type
Content
text/html; charset=UTF-8
Server Headers
2 headers
Server
Server
cloudflare
X-Powered-By
Server
WP Engine
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
__cf_bm=lq44DvGKyAd4yMfX5pCact8I2rF4GT1hy5C4kUM26UA-1770681713-1.0.1.1-fdd2dN3XI.cLKe8ahT9tMQIB4XTDjKC_4ZLPjOptx6OXb3xEuJmxI4MsG09VTt_4e80dVzFnZHoWbl5YeMUN25U4.pJ_DLW5FxjlLO6UO4k; path=/; expires=Tue, 10-Feb-26 00:31:53 GMT; domain=.www.alteryx.com; HttpOnly; Secure; SameSite=None
Other Headers
15 headers
Accept-Ch
Other
Sec-CH-UA-Mobile
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9cb755a32e6ce63a-IAD
Date
Other
Tue, 10 Feb 2026 00:01:53 GMT
Link
Other
<https://www.alteryx.com/?p=109943>; rel=shortlink
Proxy_cookie_path
Other
/; secure; HttpOnly
X-Cache
Other
HIT: 4
X-Cache-Ctime
Other
1770393087
X-Cache-Group
Other
normal
X-Cacheable
Other
SHORT
X-Nitro-Cache
Other
HIT
X-Nitro-Cache-From
Other
drop-in
X-Nitro-Rev
Other
ab7caa1
X-Permitted-Cross-Domain-Policies
Other
master-only
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology