operan.se

HTML metadata

Title

Kungliga Operan | Sveriges nationalscen för opera och balett

Description

Kungliga Operan i Stockholm är också Kungliga Baletten, Unga Operan, Kungliga Hovkapellet och Kungliga Operans kör: tillsammans skapar vi upplevelser för vuxna, unga, barn och familjer.

Language

sv

Canonical

https://www.operan.se/

Translations

en
sv

Open Graph

url: https://www.operan.se/
title: Kungliga Operan | Sveriges nationalscen för opera och balett
locale: sv
site name: Kungliga Operan
description: Kungliga Operan i Stockholm är också Kungliga Baletten, Unga Operan, Kungliga Hovkapellet och Kungliga Operans kör: tillsammans skapar vi upplevelser för vuxna, unga, barn och familjer.

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Cookie consent

Cookiebot

Third-party hosts loaded (2)

consent.cookiebot.com×1
www.googletagmanager.com×1

Social

DNS records live

NS

renan.ns.cloudflare.com
sasha.ns.cloudflare.com

MX

10 operan-se.mail.protection.outlook.com

TXT

Show 11 TXT records

asst1rlrvi1qfqrjc8qh7vg92f
1du5rrvoqdkqoli9cvl2kbheu0
autodesk-domain-verification=X8UeGZqeU8-9IyI5MPcg
ayW/eihsisyaN7lFD1S7LoqSenZRuAL93FDoB42ASEH3PGKHcpZQmcEKtxX0sILUmYjo/2PtW6brpptgpok2Fg==
srcj6ouq945l424qr7hekq0kag
MS=5002A436731D613C6BE940F8C0389ED749155F48
migf6b4qcq4nqsei3lo76trnvi
rf48sk7fq0j72g1khtk50fm564
fgp4rjl5sg60v6sk2jan7mmr6o
atlassian-sending-domain-verification=7e422665-9e96-4ddc-9b3d-72a0199140ae
hkn88pf347m6bb5ab9vgeuk5v0

Verified for

Anthropic
Apple
Atlassian
GlobalSign
Google
OpenAI

Email authentication strong

SPF

v=spf1 a ip4:213.136.41.170/32 ip4:168.245.63.214/32 include:spf.dynect.net include:fsspfeuc.freshemail.io include:spf.protection.outlook.com include:_spf.mailgun.org include:_spf.eu.mailgun.org ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:3ba4b921acbf4479b4ca68dd7fe032fe@dmarc-reports.cloudflare.net;

policy: quarantine

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCejx47Eg7QU6FrtD+AIHxvrQObA/f5UrJztkGP3F2/i9GpDQg2qUe3zjxZA8FxkimqTV7Z4vDkjTuYabHNn2…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtql97QNBdltLnuWF6wm8pu9rpgC0quYqeeSvVV5Q0LLY3LtfpJqU6Qorn82mc3amnAq3UvoC5cry5D…

selectors probed

Certificate (current)

E8

from 2026-05-01 to 2026-07-30

Expires in 71 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.operan.se/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://applepay.cdn-apple.com https://ecom.payex.com https://*.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://via.tt.se https://kungligaoperan.prospect2.com https://www.google.com https://www.gstatic.com https://connect.facebook.net https://www.googleadservices.com https://pagead2.googlesyndication.com https://*.g.doubleclick.net https://sc-static.net https://analytics.tiktok.com https://bat.bing.com https://tr.snapchat.com https://trackcmp.net https://prism.app-us1.com https://diffuser-cdn.app-us1.com https://mhm-survey.com https://www.mhm-survey.com https://mhmrelationships.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://imgsct.cookiebot.com https://i.ytimg.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.google.com https://*.google.se https://www.facebook.com https:/
strict-transport-security: max-age=63072000; includeSubDomains

Links to (5)

Linked from (1)

mariannashirinyan.com×1