Open
Cached
·
just now
37
Headers
Detected Technologies from Headers
Gravatar
AWS
Buzzsprout
Clickagy
Cloudflare CDNJS
Facebook
Font Awesome
Google Analytics
Google Conversion Tracking
Google DoubleClick
Google Fonts
Google Search
Google Static File Front End
Google Tag Manager
HubSpot
Active incidents
HubSpot Analytics
Active incidents
HubSpot Forms
Active incidents
HubSpot Live Chat
Active incidents
jsDelivr
LinkedIn
New Relic
Nginx
Osano
Pantheon
Segment
Varnish
YouTube
ZoomInfo
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
browsing-topics=(), accelerometer=(), autoplay=(); +20 more
Recommendations
- • Strengthen CSP by removing 'unsafe-eval'
Performance Headers
Accept-Ranges
bytes
Connection
close
Vary
Accept-Encoding, Cookie, Cookie
accept-ranges: bytes connection: close vary: Accept-Encoding, Cookie, Cookie
Caching Headers
Age
27404
Cache-Control
public, max-age=60, s-maxage=43200, stale-while-revalidate=86400, stale-if-error=604800
age: 27404 cache-control: public, max-age=60, s-maxage=43200, stale-while-revalidate=86400, stale-if-error=604800
Content Headers
Content-Length
149760
Content-Type
text/html; charset=UTF-8
content-length: 149760 content-type: text/html; charset=UTF-8
Server Headers
Server
nginx
server: nginx
CORS Headers
Access-Control-Allow-Headers
Content-Type, Authorization
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
access-control-allow-headers: Content-Type, Authorization access-control-allow-methods: GET,POST access-control-allow-origin: *
Cookies Headers
Other Headers
Cross-Origin-Embedder-Policy-Report-Only
unsafe-none; report-to='default'
Cross-Origin-Opener-Policy-Report-Only
unsafe-none; report-to='default'
Date
Fri, 01 May 2026 17:31:44 GMT
Link
rel=https://api.w.org/
rel=alternate
title=JSON
type=application/json
rel=shortlink
Via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT, MISS, MISS
X-Cache-Hits
24, 0, 0, 0
X-Content-Security-Policy
default-src 'self'; img-src *; media-src * data:;
X-Pantheon-Styx-Hostname
styx-us-a-585b48f5c5-cwsh9
X-Permitted-Cross-Domain-Policies
none
X-Served-By
cache-chi-kigq8000056-CHI, cache-ewr-kewr1740064-EWR, cache-ewr-kewr1740091-EWR, cache-ewr-kewr1740091-EWR
X-Styx-Req-Id
d0d52c1e-4543-11f1-9bdc-4a9a679e6fe4
X-Tec-Api-Origin
https://openssf.org
X-Tec-Api-Root
https://openssf.org/wp-json/tribe/events/v1/
X-Tec-Api-Version
v1
X-Timer
S1777656705.684059,VS0,VE18
cross-origin-embedder-policy-report-only: unsafe-none; report-to='default' cross-origin-opener-policy-report-only: unsafe-none; report-to='default' date: Fri, 01 May 2026 17:31:44 GMT link: <https://openssf.org/wp-json/>; rel="https://api.w.org/", <https://openssf.org/wp-json/wp/v2/pages/5>; rel="alternate"; title="JSON"; type="application/json", <https://openssf.org/>; rel=shortlink via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish x-cache: HIT, HIT, MISS, MISS x-cache-hits: 24, 0, 0, 0 x-content-security-policy: default-src 'self'; img-src *; media-src * data:; x-pantheon-styx-hostname: styx-us-a-585b48f5c5-cwsh9 x-permitted-cross-domain-policies: none x-served-by: cache-chi-kigq8000056-CHI, cache-ewr-kewr1740064-EWR, cache-ewr-kewr1740091-EWR, cache-ewr-kewr1740091-EWR x-styx-req-id: d0d52c1e-4543-11f1-9bdc-4a9a679e6fe4 x-tec-api-origin: https://openssf.org x-tec-api-root: https://openssf.org/wp-json/tribe/events/v1/ x-tec-api-version: v1 x-timer: S1777656705.684059,VS0,VE18
Recommendations
Enable compression (gzip/brotli) to improve performance