Open
Cached
·
just now
37
Headers
Detected Technologies from Headers
Gravatar
AWS
Buzzsprout
Clickagy
Cloudflare CDNJS
Facebook
Font Awesome
Google Analytics
Google Conversion Tracking
Google DoubleClick
Google Fonts
Google Search
Google Static File Front End
Google Tag Manager
HubSpot
HubSpot Analytics
HubSpot Forms
HubSpot Live Chat
jsDelivr
LinkedIn
New Relic
Nginx
Osano
Pantheon
Segment
Varnish
YouTube
ZoomInfo
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
browsing-topics=(), accelerometer=(), autoplay=(); +20 more
Recommendations
- • Strengthen CSP by removing 'unsafe-eval'
Performance Headers
Accept-Ranges
bytes
Connection
close
Vary
Accept-Encoding, Cookie, Cookie
accept-ranges: bytes connection: close vary: Accept-Encoding, Cookie, Cookie
Caching Headers
Age
18584
Cache-Control
public, max-age=60, s-maxage=43200, stale-while-revalidate=86400, stale-if-error=604800
age: 18584 cache-control: public, max-age=60, s-maxage=43200, stale-while-revalidate=86400, stale-if-error=604800
Content Headers
Content-Length
149761
Content-Type
text/html; charset=UTF-8
content-length: 149761 content-type: text/html; charset=UTF-8
Server Headers
Server
nginx
server: nginx
CORS Headers
Access-Control-Allow-Headers
Content-Type, Authorization
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
access-control-allow-headers: Content-Type, Authorization access-control-allow-methods: GET,POST access-control-allow-origin: *
Cookies Headers
Other Headers
Cross-Origin-Embedder-Policy-Report-Only
unsafe-none; report-to='default'
Cross-Origin-Opener-Policy-Report-Only
unsafe-none; report-to='default'
Date
Sat, 25 Apr 2026 13:21:46 GMT
Link
rel=https://api.w.org/
rel=alternate
title=JSON
type=application/json
rel=shortlink
Via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT, MISS, MISS
X-Cache-Hits
3, 0, 0, 0
X-Content-Security-Policy
default-src 'self'; img-src *; media-src * data:;
X-Pantheon-Styx-Hostname
styx-us-a-585b48f5c5-k6v82
X-Permitted-Cross-Domain-Policies
none
X-Served-By
cache-chi-kigq8000056-CHI, cache-lga21973-LGA, cache-lga21976-LGA, cache-lga21976-LGA
X-Styx-Req-Id
707714fa-407e-11f1-813f-a2d5df893bc4
X-Tec-Api-Origin
https://openssf.org
X-Tec-Api-Root
https://openssf.org/wp-json/tribe/events/v1/
X-Tec-Api-Version
v1
X-Timer
S1777123307.988258,VS0,VE8
cross-origin-embedder-policy-report-only: unsafe-none; report-to='default' cross-origin-opener-policy-report-only: unsafe-none; report-to='default' date: Sat, 25 Apr 2026 13:21:46 GMT link: <https://openssf.org/wp-json/>; rel="https://api.w.org/", <https://openssf.org/wp-json/wp/v2/pages/5>; rel="alternate"; title="JSON"; type="application/json", <https://openssf.org/>; rel=shortlink via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish x-cache: HIT, HIT, MISS, MISS x-cache-hits: 3, 0, 0, 0 x-content-security-policy: default-src 'self'; img-src *; media-src * data:; x-pantheon-styx-hostname: styx-us-a-585b48f5c5-k6v82 x-permitted-cross-domain-policies: none x-served-by: cache-chi-kigq8000056-CHI, cache-lga21973-LGA, cache-lga21976-LGA, cache-lga21976-LGA x-styx-req-id: 707714fa-407e-11f1-813f-a2d5df893bc4 x-tec-api-origin: https://openssf.org x-tec-api-root: https://openssf.org/wp-json/tribe/events/v1/ x-tec-api-version: v1 x-timer: S1777123307.988258,VS0,VE8
Recommendations
Enable compression (gzip/brotli) to improve performance