| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| X-Frame-Options | SAMEORIGIN |
| X-Kinsta-Cache | HIT |
| X-Xss-Protection | 1; mode=block |
| Vary | Accept-Encoding |
| Date | Sun, 06 Apr 2025 13:21:27 GMT |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| Referrer-Policy | no-referrer-when-downgrade |
| Via | 1.1 9dfbacf2c8a61beb17591bdaab142956.cloudfront.net (CloudFront) |
| Access-Control-Allow-Origin | * |
| Report-To | {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gYxLTGc25vvm69GBEu9CLgK2Syeqd2YyeHRmB8OOqoiK6DTsAzYXBBw%2BMWGaAZwvfH1fyMlJAO%2FY9RkcL65iC8zikYNDoX2kWGOXxjs%2FQEyTT4esqKhzhBh1okfJmpQ%3D"}],"group":"cf-nel","max_age":604800} |
| Content-Security-Policy | default-src 'self' *.google.com *.lusha.com https://www.g2.com https://gist.github.com localhost https://*.clarity.ms https://c.bing.com 'unsafe-inline'; img-src 'self' data: https://forms.hsforms.com/ https://forms-na1.hsforms.com/ https://js.chilipiper.com/images/ https://www.g2.com https://www.google.co.uk https://*.googlesyndication.com https://*.ads.linkedin.com https://analytics.twitter.com https://*.intercomcdn.com https://ci5.googleusercontent.com https://cdn.cookielaw.org https://sync-t1.taboola.com https://googleads.g.doubleclick.net/ https://*.privacysandbox.googleadservices.com https://ct.capterra.com/ https://cdn.cookielaw.org/logos https://trc.taboola.com https://cds.taboola.com https://google.com/pagead/ https://i.ytimg.com https://alb.reddit.com/ https://www.google.com/pagead/ https://mk0lplushacrhatidvnw.kinstacdn.com/ https://www.google.com/ads/ga-audiences https://t.co/i/ https://c.bing.com/c.gif https://c.clarity.ms/c.gif https://cx.atdmt.com https://q.quora.com connect.facebook.net www.googletagmanager.com https://s.w.org/images/core/emoji/13.0.0/svg/ https://www.w3.org https://www-services.lusha.com www.linkedin.com embedwistia-a.akamaihd.net https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io *.intercom-attachments.com forms.hubspot.com p.adsymptotic.com www.yesware.com www.outreach.io *.lusha.com ek1m512i34ve2rek3k8v02in-wpengine.netdna-ssl.com salesloft.com www.google.com www.google-analytics.com www.google.co.il *.gstatic.com bat.bing.com www.facebook.com track.hubspot.com stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com https://11988414.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://stats.sa-as.com https://privacy-policy.truste.com https://flagcdn.com https://secure.gravatar.com https://track-eu1.hubspot.com https://perf-eu1.hsforms.com https://downloads.intercomcdn.eu https://static.intercomassets.eu https://media.trustradius.com https://d30ia583fbtg8i.cloudfront.net/images ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.intercomcdn.com data: localhost https://www.trustradius.com/trustquotes/trustquotes.js https://pagead2.googlesyndication.com/ https://js.hsleadflows.net https://www.g2.com https://www.google.com/pagead https://cdn.nmgassets.com https://www.googleadservices.com https://trc.taboola.com https://ssl.google-analytics.com/ga.js https://cdn.taboola.com https://analytics.tiktok.com https://cdn.cookielaw.org https://tpc.googlesyndication.com https://www.redditstatic.com/ads/pixel.js https://mk0lplushacrhatidvnw.kinstacdn.com/ https://tags.crwdcntrl.net https://analytics.twitter.com/ https://cdn.jsdelivr.net/npm/@webcomponents/webcomponentsjs@2.4.1/bundles/webcomponents-sd.js https://ssl.kaptcha.com/collect/sdk https://cdn.jsdelivr.net/npm/@webcomponents/webcomponentsjs@2.4.1/bundles/webcomponents-ce.js https://cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.4.1/custom-elements-es5-adapter.js https://static.ads-twitter.com/uwt.js https://unpkg.com/react@16/umd/react.production.min.js https://unpkg.com/react-dom@16/umd/react-dom.production.min.js https://www.clarity.ms js.hs-banner.com js.hsadspixel.net *.lusha.com js.intercomcdn.com https://app.intercom.io widget.intercom.io snap.licdn.com www.comeet.co www.comeet.com forms.hsforms.com js.hsforms.net s.ytimg.com www.googletagmanager.com *.google.com www.google-analytics.com *.googleadservices.com *.typekit.net js.stripe.com connect.facebook.net bat.bing.com sjs.bizographics.com survey.survicate.com surveys-static.survicate.com js.hs-scripts.com js.hs-analytics.net js.usemessages.com tracking.g2crowd.com *.gstatic.com px.ads.linkedin.com www.linkedin.com *.fullstory.com fullstory.com dc.ads.linkedin.com *.salesloft.com *.youtube.com https://cdnjs.cloudflare.com/ajax/libs/js-sha256/ https://stats.sa-as.com/live.js https://unpkg.com/aos@next/dist/aos.js https://ipinfo.io https://extreme-ip-lookup.com https://unpkg.com/@lottiefiles/lottie-player@1.5.7/dist/lottie-player.js https://platform.linkedin.com/in.js https://ml314.com/ https://vi.ml314.com/ https://js.chilipiper.com/marketing.js https://cdn.amcharts.com/ https://js-eu1.hs-scripts.com/ https://js-eu1.hubspot.com/ https://js-eu1.hsleadflows.net/ https://js-eu1.hs-banner.com/ https://js-eu1.hs-analytics.net/ https://js-eu1.hsadspixel.net/fb.js https://ajax.googleapis.com/ https://googleads.g.doubleclick.net/ https://video-messages.intercomcdn.com https://messenger-apps.eu.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://js.partnerstack.com https://d30ia583fbtg8i.cloudfront.net/trustquotes/trustquotes.js https://d30ia583fbtg8i.cloudfront.net/trustquotes/style.css https://sdk.voyantis.io https://*.voyantis.io https://serve.glove.fit https://dhc3d5wa5sazw.cloudfront.net https://logs.glove.fit https://cdnjs.cloudflare.com/ajax/libs/prism/ https://unpkg.com/@lottiefiles/lottie-player@latest/dist/tgs-player.js https://run.pstmn.io/button.js;style-src 'self' 'unsafe-inline' localhost https://www.g2.com https://mk0lplushacrhatidvnw.kinstacdn.com/ https://www.googletagmanager.com *.comeet.co *.comeet.com *.lusha.com *.typekit.net tagmanager.google.com fonts.googleapis.com https://cdnjs.cloudflare.com/ajax/libs/prism/; font-src 'self' data: localhost https://fonts.intercomcdn.com https://www.g2.com https://mk0lplushacrhatidvnw.kinstacdn.com/ https://www.google.com use.typekit.net *.lusha.com js.intercomcdn.com surveys-static.survicate.com fonts.googleapis.com fonts.gstatic.com dudodiprj2sv7.cloudfront.net ; connect-src 'self' data: localhost https://*.voyantis.io https://*.clarity.ms https://px.ads.linkedin.com https://px.ads.linkedin.com https://forms.hsforms.com/embed/ https://forms.hubspot.com/ https://hubspot-forms-static-embed.s3.amazonaws.com/prod/ https://www.google.co.il/ads/ https://api.chilipiper.com/ https://tracking.chilipiper.com/ https://www.g2.com https://api.hubapi.com https://analytics.tiktok.com https://googleads.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/request/v1/consentreceipts https://pagead2.googlesyndication.com https://geolocation.onetrust.com *.taboola.com https://*.crwdcntrl.net/ https://*.google.com https://cdn.cookielaw.org *.lottiefiles.com https://o412513.ingest.sentry.io https://www.clarity.ms bat.bing.com https://www-services.lusha.com api.hubapi.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com http://www-services-local.lusha.co:3030/v2/user-events http://www-services-local.lusha.com:3030/v2/user-events https://private-144d5-gallusha.apiary-mock.com/questions embedwistia-a.akamaihd.net api.hubspot.com *.lusha.com *.fullstory.com respondent.survicate.com www.google-analytics.com scout.salesloft.com www.facebook.com stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com https://ipinfo.io https://api.ipify.org https://ipecho.net https://myexternalip.com https://cta-eu1.hubspot.com https://perf-eu1.hsforms.com https://api-eu1.hubapi.com https://track-eu1.hubspot.com https://forms-eu1.hubspot.com https://tracking.g2crowd.com https://google.com/pagead https://google.com/ccm https://api-iam.eu.intercom.io https://via.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-ping.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://uploads.intercomcdn.eu https://uploads.eu.intercomcdn.com https://partnerlinks.io https://grsm.io dudodiprj2sv7.cloudfront.net https://www.trustradius.com/api/v1/events https://lusha.chilipiper.com https://tracking-api.production.g2.com https://tracking-api.g2.com https://www.redditstatic.com https://pixel-config.reddit.com https://conversions-config.reddit.com https://logs.glove.fit; child-src localhost https://www.g2.com https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net; frame-src localhost https://www.googletagmanager.com https://tpc.googlesyndication.com https://capture.navattic.com https://lusha.chilipiper.com https://www.g2.com https://business.facebook.com https://privacyportal-eu.onetrust.com/ https://*.doubleclick.net https://www.youtube.com/ https://tsdtocl.com/ https://www.linkedin.com www.comeet.com intercom-sheets.com forms.hsforms.com forms.hubspot.com js.stripe.com www.google.com *.lusha.com www.facebook.com *.youtube.com www.comeet.co https://11988414.fls.doubleclick.net; form-action localhost www.facebook.com *.lusha.com https://intercom.help https://api-iam.intercom.io https://forms.hsforms.com/submissions/ https://intercom.help https://api-iam.eu.intercom.io; worker-src blob: *.lusha.com localhost; frame-ancestors 'self' *.lusha.com https://www.lusha-business.com/contact-us; media-src 'self' data: blob: localhost *.lusha.com https://*.intercomcdn.com https://js.intercomcdn.com; object-src 'none'; |
| X-Content-Type-Options | nosniff |
| X-Amz-Cf-Id | _BlD_tWa-m6CBzJJaPMedMtL_rUawjYXB8I8oYPoJNkhkYRUyLnEoA== |
| Content-Type | text/html; charset=UTF-8 |
| Connection | keep-alive |
| Nel | {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} |
| X-Amz-Cf-Pop | AMS58-P4 |
| Cf-Cache-Status | DYNAMIC |
| Link | <https://www.lusha.com/wp-json/>; rel="https://api.w.org/", <https://www.lusha.com/wp-json/wp/v2/pages/26397>; rel="alternate"; title="JSON"; type="application/json", <https://www.lusha.com/>; rel=shortlink |
| Ki-Edge | v=21.0.0;mv=4.0.1 |
| Set-Cookie | __cf_bm=oSaCSHMARGFSZXePvA9wRBIdRecH1dDuhtaoRz8aTAE-1743945687-1.0.1.1-BamSFs_oJDxW9DEoGfm_47cdm79HoAcIbLrhUZKEx4AWrTpPS2m2NeJNG7CycSFHR33RJKMp8cXgZ8VZ1WMUeax.AY0zWMxYT_fZ_A_k7v8; path=/; expires=Sun, 06-Apr-25 13:51:27 GMT; domain=.www.lusha.com; HttpOnly; Secure; SameSite=None |
| X-Cache | Miss from cloudfront |
| Server | rhino-core-shield |
| Cf-Ray | 92c196a15b090606-IAD |
| Ki-Cache-Type | None |
| Permissions-Policy | accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() |
| Ki-Cf-Cache-Status | BYPASS |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar