Open
Cached
·
just now
25
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=63072000; includeSubDomains
Content-Security-Policy
Basic
default-src; script-src; style-src; +9 more
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://play.vidyard.com https://www.devo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.bugherd.com https://acsbapp.com https://js.hs-analytics.net https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://devo734.outgrow.us https://js.hs-scripts.com https://dyv6f9ner1ir9.cloudfront.net https://sidebar.bugherd.com https://play.vidyard.com https://www.gartner.com https://cdnjs.cloudflare.com https://googleads.g.doubleclick.net https://js.hsforms.net https://view.ceros.com https://www.googleadservices.com https://cdn.mouseflow.com https://connect.facebook.net https://static.ads-twitter.com https://snap.licdn.com https://tag.demandbase.com https://ws.zoominfo.com https://j.6sc.co https://cdn.pdst.fm https://jobs.jobvite.com https://js.hubspot.com https://optimize.google.com https://www.googleoptimize.com https://yoast.com https://my.yoast.com https://dev.visualwebsiteoptimizer.com https://www.devo.com https://js.storylane.io/js/v1/storylane.js https://js.storylane.io https://www.google.com https://www.gstatic.com https://www.youtube.com https://bugcrowd.com/ https://assets.bugcrowdusercontent.com/assets/packs/external_submissions-b3f69456b390e9020f61ae89e8eec3f6c050062571ce52bcb6fda6d0d81e2828.js https://static.hotjar.com https://script.hotjar.com/ https://bat.bing.com https://www.clarity.ms google-analytics.com www.google-analytics.com ssl.google-analytics.com stats.g.doubleclick.net ajax.googleapis.com translate.googleapis.com translate.google.com www.googletagmanager.com googletagmanager.com tagmanager.google.com; style-src 'self' 'unsafe-inline' data: https://www.gartner.com https://optimize.google.com https://www.googleoptimize.com https://pagead2.googlesyndication.com/pagead/buyside_topics/set https://www.devo.com fonts.googleapis.com translate.googleapis.com www.googletagmanager.com tagmanager.google.com; img-src 'self' data: https://track.hubspot.com https://play.vidyard.com https://cdn.vidyard.com https://reviews.static.gartner.com https://forms.hsforms.com https://forms-na1.hsforms.com https://sidebar.bugherd.com https://d2iiunr5ws5ch1.cloudfront.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://analytics.twitter.com https://googleads.g.doubleclick.net https://www.facebook.com https://id.rlcdn.com https://b.6sc.co https://t.co https://segments.company-target.com https://connect.facebook.net https://cdn.acsbapp.com https://www.linkedin.com https://perf-na1.hsforms.com https://optimize.google.com https://ps.w.org https://ad.doubleclick.net https://via.placeholder.com https://cta-service-cms2.hubspot.com https://dev.visualwebsiteoptimizer.com https://www.devo.com https://static.hubspot.com https://www.gstatic.com https://www.google.com https://static.hsappstatic.net https://i.ytimg.com https://hcti.io/v1/image/9efe83a8-37ab-4130-8e49-0c314f7d5104 https://www.gartner.com/peer-insights/vendor-portal/public/Widget/img/stars.png https://devo-uploads.s3.amazonaws.com/uploads/2024/12/bottom-line.png https://devo-uploads.s3.amazonaws.com/uploads/2024/12/Rectangle-4311.jpg https://devo-uploads.s3.amazonaws.com https://www.gartner.com https://bat.bing.com https://www.googleadservices.com https://adservice.google.com s.w.org ps.w.org ts.w.org secure.gravatar.com www.gravatar.com data: blob: google-analytics.com www.google-analytics.com ssl.google-analytics.com www.google.com translate.googleapis.com translate.google.com www.gstatic.com www.googletagmanager.com; connect-src 'self' https://js.hs-banner.com https://cdn.acsbapp.com https://forms.hubspot.com https://sessions.bugsnag.com https://notify.bugsnag.com https://api.hubapi.com https://forms.hsforms.com https://hubspot-forms-static-embed.s3.amazonaws.com https://n2.mouseflow.com https://cdn.linkedin.oribi.io https://ipv6.6sc.co https://api.company-target.com https://tag-logger.demandbase.com https://us-central1-adaptive-growth.cloudfunctions.net https://secure.adnxs.com https://ws.zoominfo.com https://c.6sc.co https://segments.company-target.com https://cta-service-cms2.hubspot.com https://pagead2.googlesyndication.com https://my.yoast.com https://acsbapp.com https://px.ads.linkedin.com https://dev.visualwebsiteoptimizer.com https://www.devo.com https://forms-na1.hsforms.com https://www.gstatic.com https://www.google.com https://pixels.spotify.com/v1/ingest wss://ws.hotjar.com/api/v2/client/ws https://content.hotjar.io/ https://autocomplete.demandbase.com/api/v5/email.json https://forms-na1.hubspot.com/submissions-validation/v1/validate/3911167/93b708a5-5a2c-429c-bc2d-3abd34960db7 https://forms-na1.hubspot.com/submissions-validation/v1/validate/3911167/1979e138-a1d1-4cb4-8e79-4a18547c5ce2 https://vc.hotjar.io/ https://www.google-analytics.com/ https://metrics.hotjar.io/ https://p.clarity.ms https://google.com https://api.storylane.io https://e.clarity.ms https://bat.bing.com https://ad.doubleclick.net https://l.clarity.ms www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: translate.googleapis.com www.googletagmanager.com; font-src 'self' data: https://www.gartner.com https://www.devo.com data: fonts.gstatic.com fonts.googleapis.com; object-src 'self' ; media-src 'self' https://www.devo.com; frame-src 'self' https://devo734.outgrow.us https://sidebar.bugherd.com https://play.vidyard.com https://www.gartner.com https://view.ceros.com data: blob: https://cdn.vidyard.com https://playlist.megaphone.fm https://forms.hsforms.com https://11605080.fls.doubleclick.net https://s.company-target.com https://www.facebook.com https://jobs.jobvite.com https://cta-service-cms2.hubspot.com https://3911167.hs-sites.com https://optimize.google.com https://td.doubleclick.net https://www.youtube.com https://www.youtube-nocookie.com https://www.devo.com https://app.storylane.io https://forms-na1.hsforms.com https://www.gstatic.com https://www.google.com https://bugcrowd.com https://devo.storylane.io/ www.googletagmanager.com; child-src 'self' blob: www.googletagmanager.com; upgrade-insecure-requests; block-all-mixed-content;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Present
camera=()
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
Performance Headers
3 headers
Connection
Performance
close
Transfer-Encoding
Performance
chunked
Vary
Performance
Accept-Encoding,Cookie
Caching Headers
1 headers
Cache-Control
Caching
max-age=600, must-revalidate
Content Headers
1 headers
Content-Type
Content
text/html; charset=UTF-8
Server Headers
2 headers
Server
Server
cloudflare
X-Powered-By
Server
WP Engine
CORS Headers
1 headers
Access-Control-Allow-Origin
Cors
https://devo.com
Cookies Headers
1 headers
Set-Cookie
Cookies
__cf_bm=nlga6pNQVxRCzeOn1yQ0N5aflYTsSNF_jVOB1P8ougo-1768567345-1.0.1.1-xNJiUfiU1ZeuuNenDEFZVQv0v8fQ5fTCXaiOFWmllpv7rA4VynyeAJDKK9.IwWyh6AJZBMmTu.p_pkEBnwc2TRrtnmlm5JuoR4dv5tc0OGI; path=/; expires=Fri, 16-Jan-26 13:12:25 GMT; domain=.www.devo.com; HttpOnly; Secure; SameSite=None
Other Headers
9 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9bedb15769e7d6f9-IAD
Date
Other
Fri, 16 Jan 2026 12:42:25 GMT
Feature-Policy
Other
camera 'none';
Link
Other
<https://www.devo.com/>; rel=shortlink
X-Cache
Other
HIT: 9
X-Cache-Group
Other
normal
X-Cacheable
Other
SHORT
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology