| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Expires | -1 |
| Set-Cookie | TS0166db00=01189aab9a835f82fccf04095d4eba230aa40775e1e06cbcd0e4e72958feda348d19f0f97bf074bfcbb027c6717180c153b96754bd; Path=/; Domain=.seattle.gov; |
| Content-Type | text/html; charset=utf-8 |
| X-Content-Type-Options | nosniff |
| Content-Security-Policy-Report-Only | img-src data: 15203573.global.siteimproveanalytics.io fonts.gstatic.com www.google.com www.gstatic.com www.seattle.gov 'self' www.googletagmanager.com bugherd-attachments.s3.amazonaws.com cartodb-basemaps-a.global.ssl.fastly.net cartodb-basemaps-b.global.ssl.fastly.net cartodb-basemaps-c.global.ssl.fastly.net cartodb.s3.amazonaws.com cms.seattle.gov content.govdelivery.com d2iiunr5ws5ch1.cloudfront.net education.seattle.gov harrell.seattle.gov live.staticflickr.com powerlines.seattle.gov public.tableau.com sdotblog.seattle.gov sidebar.bugherd.com spdblotter.seattle.gov syndication.twitter.com translate.google.com translate.googleapis.com www.flickr.com www.trumba.com wwwqa.seattle.gov a.gusc.cartocdn.com blob: courts.seattle.gov www.seattlechannel.org; connect-src rum-collector-2.pingdom.net translate.googleapis.com www.google-analytics.com 'self' api.flickr.com cdnjs.cloudflare.com cityenergy-seattle.carto.com data: embedr.flickr.com notify.bugsnag.com region1.google-analytics.com sessions.bugsnag.com sidebar.bugherd.com sockjs.pusher.com translate-pa.googleapis.com wss://ws-mt1.pusher.com www.trumba.com ekr.zdassets.com sdci.zendesk.com api-cdn.usw2.pure.cloud services.arcgis.com; font-src fonts.gstatic.com 'self' data: themes.googleusercontent.com; frame-src platform.twitter.com 'self' data-seattlecitygis.opendata.arcgis.com data.seattle.gov player.vimeo.com public.tableau.com scl.datacapable.com seattlecitygis.maps.arcgis.com spddashboards.seattle.gov syndication.twitter.com ws.petango.com www.facebook.com www.google.com www.instagram.com www.youtube.com sidebar.bugherd.com apps.usw2.pure.cloud gateway.zscalertwo.net maps.seattle.gov; script-src-attr 'unsafe-inline'; script-src-elem 'unsafe-inline' cdn.jwplayer.com cdnjs.cloudflare.com code.jquery.com platform.twitter.com rum-static.pingdom.net siteimproveanalytics.com translate-pa.googleapis.com translate.google.com translate.googleapis.com www.google.com www.googletagmanager.com www.gstatic.com www.seattle.gov www.trumba.com 'self' a.gusc.cartocdn.com ajax.googleapis.com cartodb-libs.global.ssl.fastly.net connect.facebook.net content.govdelivery.com embedr.flickr.com player.vimeo.com public.tableau.com sidebar.bugherd.com spddashboards.seattle.gov ssl.p.jwpcdn.com widgets.flickr.com www.bugherd.com www.flickr.com www.google-analytics.com www.instagram.com static.zdassets.com apps.usw2.pure.cloud www.seattlechannel.org; script-src 'unsafe-eval' connect.facebook.net www.bugherd.com; style-src-attr 'unsafe-inline'; style-src-elem 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com www.gstatic.com 'self' cartodb-libs.global.ssl.fastly.net content.govdelivery.com www.flickr.com www.seattle.gov; report-uri https://seattle.report-uri.com/r/d/csp/wizard |
| Date | Thu, 17 Apr 2025 22:00:29 GMT |
| Content-Length | 57152 |
| Strict-Transport-Security | max-age=16070400; includeSubDomains; preload |
| Cache-Control | no-cache |
| Pragma | no-cache |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar