| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| X-Ua-Compatible | IE=edge |
| Set-Cookie | dnn_IsMobile=False; path=/; secure; HttpOnly; SameSite=None |
| Strict-Transport-Security | max-age=31536000;includeSubDomains;preload |
| Expires | -1 |
| Vary | Accept-Encoding |
| X-Content-Type-Options | nosniff |
| Cache-Control | no-cache |
| X-Frame-Options | SAMEORIGIN |
| Content-Type | text/html; charset=utf-8 |
| Date | Thu, 17 Apr 2025 21:31:42 GMT |
| X-Xss-Protection | 1; mode=block |
| Content-Security-Policy | frame-ancestors 'self' https://app.hubspot.com https://seeclickfix.com https://youtube.com https://youtu.be; default-src 'self' files.lasvegasnevada.gov; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: dnnapi.com www.instagram.com platform.twitter.com cdnjs.cloudflare.com/ajax/libs/popper.js clvfiles.blob.core.usgovcloudapi.net ok1static.oktacdn.com public.govdelivery.com connect.facebook.net translate.google.com translate.googleapis.com query.yahooapis.com www.gstatic.com cdnjs.cloudflare.com/ajax/libs/moment.js/ translate-pa.googleapis.com *.fontawesome.com www.google.com/recaptcha/ s3.amazonaws.com cdn.seeclickfix.com www.googletagmanager.com https://*.hotjar.com www.google-analytics.com js.hs-scripts.com js.hs-banner.com maxcdn.bootstrapcdn.com js.hs-analytics.net js.usemessages.com www.google-analytics.com googleads.g.doubleclick.net global.oktacdn.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' fonts.googleapis.com maxcdn.bootstrapcdn.com translate.googleapis.com dnnapi.com clvfiles.blob.core.usgovcloudapi.net ok1static.oktacdn.com www.gstatic.com fonts.googleapis.com *.hotjar.com global.oktacdn.com; img-src 'self' www.googletagmanager.com data: lasvegasnevada.gov *.lasvegasnevada.gov *.innovate.vegas *.smugmug.com *.tile.openstreetmap.org global.oktacdn.com ok1static.oktacdn.com clvfiles.blob.core.usgovcloudapi.net img.youtube.com structuredcontentstprod.blob.core.windows.net getimagefromaws20190325085338.azurewebsites.net sawebfilesprod001.blob.core.windows.net files.lasvegasnevada.gov s3.amazonaws.com/web-resources-images/ www.gstatic.com *.ovationtix.com translate.googleapis.com translate.google.com files.lasvegasnevada.gov www.google.com *.hubspot.com fonts.gstatic.com; font-src 'self' data: s3-us-west-2.amazonaws.com ok1static.oktacdn.com maxcdn.bootstrapcdn.com cdnjs.cloudflare.com fonts.googleapis.com fonts.gstatic.com use.typekit.net global.oktacdn.com *.fontawesome.com *.hotjar.com; media-src 'self' *.innovate.vegas files.lasvegasnevada.gov blob: d1iiqllagryue9.cloudfront.net/kclv/; frame-src 'self' seeclickfix.com *.soundcloud.com platform.twitter.com public.govdelivery.com mapdata-lasvegasnevada-gov.appspot.com lasvegas.maps.arcgis.com cityoflasvegas.formstack.com *.lasvegasnevada.gov *.youtube.com youtube.com player.vimeo.com youtu.be *.google.com *.hubspot.com dnnapi.com flysafe.airspacelink.com global.oktacdn.com; connect-src 'self' js.hs-banner.com api.open-meteo.com api.rss2json.com public.govdelivery.com govegas.okta.com dnnapi.com *.fontawesome.com *.hotjar.com *.hotjar.io wss://*.hotjar.com w1.weather.gov translate.googleapis.com translate-pa.googleapis.com *.hubspot.com www.google-analytics.com www.google.com/recaptcha/ d1iiqllagryue9.cloudfront.net/kclv/ sawebfilesprod001.blob.core.windows.net *.lasvegasnevada.gov stats.g.doubleclick.net formstackfurniturerequest.azurewebsites.net https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.2.12/fonts/; |
| Pragma | no-cache |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar