operabase.com | Analytics by SecurityHeaders

HTTP Headers report for operabase.com

Header Name Header Data
HTTP status code 200
Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfSnMtFwxCr1Nv4xEhbv%2BoG8P9IVUzn82QmjSifYnmd%2Bbdxno5k%2BLNNQPJN%2BWBmQd4CjmdBdwTyRA2pYPNP3TP3dbOxuHoLIPZ3rNuET2Iz%2BCZOLU4GwRQ3xi9A67CgV5Vpa"}],"group":"cf-nel","max_age":604800}
Server-Timing cfL4;desc="?proto=TCP&rtt=778&min_rtt=751&rtt_var=208&sent=8&recv=10&lost=0&retrans=0&sent_bytes=6423&recv_bytes=2252&delivery_rate=5484848&cwnd=254&unsent_bytes=0&cid=07d9a75a58352dae&ts=486&x=0"
Referrer-Policy origin
Cache-Control private, no-cache, no-store, max-age=0, must-revalidate
Expect-Ct max-age=0
X-Frame-Options SAMEORIGIN
X-Permitted-Cross-Domain-Policies none
Content-Language en
Etag "1220c1-OdlIo1cpny2pFUejvEFyPZh5iI0"
Date Sat, 19 Apr 2025 19:35:47 GMT
Content-Type text/html; charset=utf-8
X-Dns-Prefetch-Control off
X-Download-Options noopen
X-Content-Type-Options nosniff
Vary Accept-Encoding
Connection keep-alive
Content-Security-Policy default-src * 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.operabase.net *.operabase.com *.google.com *.google-analytics.com *.googleadservices.com *.ssl.google-analytics.com *.googletagmanager.com *.tagmanager.google.com maps.googleapis.com *.visualwebsiteoptimizer.com app.vwo.com *.chargebee.com *.hsforms.net *.hsforms.com *.hscollectedforms.net *.hs-scripts.com *.hs-analytics.net *.hsadspixel.net *.hs-banner.com *.usemessages.com *.facebook.net *.cookiebot.com *.appcues.com *.appcues.net *.hsappstatic.net *.newrelic.com *.licdn.com *.segment.com *.stripe.com *.gstatic.com *.lokalise.com *.marker.io *.youtube.com googleads.g.doubleclick.net polyfill.io *.soundcloud.com *.facebook.com *.vimeo.com *.wistia.com *.wistia.net *.mixcloud.com *.dailymotion.com fonts.googleapis.com appleid.cdn-apple.com *.googlesyndication.com fpnpmcdn.net;style-src-elem * 'unsafe-inline';font-src * 'unsafe-inline' data:;img-src * 'unsafe-inline' data: blob:;media-src * 'unsafe-inline' data: blob:;object-src 'none';style-src * 'unsafe-inline';connect-src * 'unsafe-inline';worker-src 'self' blob:
Set-Cookie ob_lang_last=en; Max-Age=31536000; Path=/; Expires=Sun, 19 Apr 2026 19:35:46 GMT; SameSite=Lax
Cf-Cache-Status DYNAMIC
Nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server cloudflare
Cf-Ray 932ed8d50f64fe97-AMS
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Xss-Protection 0

About the tool

By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.

This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.

We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.

Watch it now at TrustRadar