andersgravoschakt.se
andersgravoschakt.se
HTML metadata
Technology
- Server
- Apache
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (2)
- fonts.googleapis.com×1
- www.googletagmanager.com×1
Contact
DNS records live
- NS
-
- dns1.hostingcentar.com
- dns2.hostingcentar.com
- MX
-
- 0 andersgravoschakt.se
Email authentication weak
- SPF
-
v=spf1 +mx +a +ip4:65.21.84.73 +include:spf.sagitta.hostingcentar.com ~allsoftfail (~all) - DMARC
- not published
- DKIM
-
- default:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FOekzMMYI3nUmhr3A2hJnDubYkadFtmFYd1RaxfWSha6zLz5CkbEWh+HrtWrg/aTWGhQ3gIJBFsgp…
selectors probed - default:
Certificate (current)
R12
Expires in 58 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://www.googleadservices.com https://cdn.jsdelivr.net https://googleads.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com https://www.google.hr https://*.analytics.google.com https://*.googlesyndication.com https://www.google.com https://*.usercentrics.eu https://*.google-analytics.com https://www.googletagmanager.com https://web.cmp.usercentrics.eu https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://m.addthisedge.com https://m.addthis.com https://graph.facebook.com https://widgets.pinterest.com https://maps.google.com https://csi.gstatic.com https://maps.gstatic.com https://maps.googleapis.com https://www.linkedin.com http://localhost https://player.vimeo.com/ ;- strict-transport-security
max-age=63072000; includeSubdomains; preload