HTTP Headers report for nbcolympics.com

Header Name	Header Data
HTTP status code	200
Last-Modified	Fri, 18 Apr 2025 22:25:05 GMT
Content-Security-Policy	frame-ancestors 'self' http://mobilevjs.nbcsports.com http://sprtsecureassets.akamaized.net *.nbcolympics.com nbcolympics.com
X-Content-Security-Policy	frame-ancestors 'self' http://mobilevjs.nbcsports.com http://sprtsecureassets.akamaized.net *.nbcolympics.com nbcolympics.com
X-Akamai-Transformed	9 109502 0 pmb=mRUM,1
Server-Timing	cdn-cache; desc=REVALIDATE
Content-Language	en
X-Frame-Options	SAMEORIGIN
X-Request-Id	v-faab8d1a-1ca3-11f0-93fb-272324290d24
X-Cache-Hits	47
Expires	Sat, 19 Apr 2025 00:18:47 GMT
Content-Type	text/html; charset=UTF-8
Strict-Transport-Security	max-age=1000
Accept-Ranges	bytes
Akamai-Request-Bc	[a=2.17.160.89,b=272426911,c=g,n=NL__HAARLEM,o=20940],[c=c,n=NL__HAARLEM,o=20940],[a=9,c=o]
Connection	keep-alive
Access-Control-Allow-Credentials	true
Server	nginx
Access-Control-Allow-Headers	*
Etag	"1745015105"
Referrer-Policy	no-referrer-when-downgrade
Vary	Accept-Encoding
Ak-Reference-Id	0.59a01102.1745021326.103ce79f
Access-Control-Allow-Origin
X-Content-Type-Options	nosniff
X-Generator	Drupal 10 (https://www.drupal.org)
X-Ah-Environment	prod
Cache-Control	public, max-age=600
Access-Control-Allow-Methods	GET,POST,OPTIONS
X-Drupal-Dynamic-Cache	HIT
X-Age	822
Date	Sat, 19 Apr 2025 00:08:47 GMT
Access-Control-Expose-Headers	*

About the tool

By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.

This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.

We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.

Watch it now at TrustRadar