| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-UBHYsoZTMhd7/EAweDHKC5Ild8HCzKpTndA52BFAv/4=' d14bnm3v6f1aqe.cloudfront.net my.minnesotaorchestra.org web-modules-de-na1.niceincontact.com www.googletagmanager.com cdn.plyr.io www.youtube.com player.vimeo.com cdn.mgln.ai www.google.com connect.facebook.net static.hotjar.com script.hotjar.com; style-src 'self' 'unsafe-inline' d14bnm3v6f1aqe.cloudfront.net my.minnesotaorchestra.org use.typekit.net p.typekit.net web-modules-de-na1.niceincontact.com cdn.plyr.io; img-src 'self' d14bnm3v6f1aqe.cloudfront.net my.minnesotaorchestra.org data: res.cloudinary.com www.googletagmanager.com ao-de-web-modules.s3.us-west-2.amazonaws.com assets-de-na1.niceincontact.com ao-de-services.s3.us-west-2.amazonaws.com api-de-na1.niceincontact.com i.ytimg.com mgln.ai ad.doubleclick.net www.google.com www.google.co.uk googleads.g.doubleclick.net www.google.ie pixel.tapad.com eu.mgln.ai; media-src 'self' d14bnm3v6f1aqe.cloudfront.net my.minnesotaorchestra.org web-modules-de-na1.niceincontact.com; frame-src 'self' web-modules-de-na1.niceincontact.com channels-de-na1.niceincontact.com open.spotify.com www.youtube-nocookie.com player.vimeo.com www.googletagmanager.com www.google.com 14698409.fls.doubleclick.net td.doubleclick.net; frame-ancestors 'self'; font-src 'self' d14bnm3v6f1aqe.cloudfront.net my.minnesotaorchestra.org data: use.typekit.net web-modules-de-na1.niceincontact.com; connect-src 'self' my.minnesotaorchestra.org www.minnesotaorchestra.devspace.net wss: web-modules-de-na1.niceincontact.com app-de-na1.niceincontact.com channels-de-na1.niceincontact.com location-de-na1.niceincontact.com chat-gw-de-na1.niceincontact.com noembed.com cdn.plyr.io vimeo.com www.googletagmanager.com bam.nr-data.net mgln.ai api.swiftype.com www.google.com region1.analytics.google.com www.google.ie stats.g.doubleclick.net ad.doubleclick.net; |
| X-Xss-Protection | 1; mode=block |
| Cache-Control | public, max-age=300, no-transform, stale-while-revalidate=86400, stale-if-error=86400 |
| Etag | W/"689f11bec1340ca25f00df135c383ecd" |
| Referrer-Policy | strict-origin-when-cross-origin |
| Age | 21543 |
| Content-Type | text/html; charset=utf-8 |
| X-Cache | Hit from cloudfront |
| X-Content-Type-Options | nosniff |
| Connection | keep-alive |
| Server | nginx |
| Strict-Transport-Security | max-age=2592000; includeSubDomains |
| Via | 1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront) |
| X-Amz-Cf-Id | k3GcDCM7YHS-AVAJFAI6TOhgsgOKRkz5PYo0oMACGIbycVApifNrZw== |
| X-Frame-Options | SAMEORIGIN |
| X-Amz-Cf-Pop | AMS1-C1 |
| Date | Sat, 19 Apr 2025 08:55:59 GMT |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar