indexo.dev

bonava.com

.com crawl

First seen 2026-04-18 · Last seen 2026-05-13 · ok HTTP/1.1 200 5176 ms crawled 2026-05-12

IE · 52.17.142.199 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Bonava – Investor relations, press and careers
Description
Bonava är en ledande bostadsutvecklare i norra Europa. Vi utvecklar och säljer prisvärda och hållbara bostäder till konsumenter och investerare.
Language
sv
Canonical
https://www.bonava.com/sv
Translations
  • en
  • sv

Open Graph

url
https://www.bonava.com/sv/hem
title
Hem
image:url
https://www.bonava.com/sites/bonava-d10/files/bonava/bonava-og.jpg
site name
Bonava

Technology

CDN
Cloudflare
Analytics
  • Cloudflare Insights
  • Google Tag Manager
Cookie consent
  • OneTrust

Third-party hosts loaded (4)

  • cdn.cookielaw.org×1
  • cdnjs.cloudflare.com×1
  • static.cloudflareinsights.com×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
CSC Corporate Domains, Inc.
Created
2014-09-07
Expires
2026-09-07 111 days left
Updated
2025-09-03
Name servers
  • ns1.netnames.net
  • ns2.netnames.net
  • ns5.netnames.net
  • ns6.netnames.net

DNS records live

NS
  • ns1.netnames.net
  • ns2.netnames.net
  • ns5.netnames.net
  • ns6.netnames.net
MX
  • 0 bonava-com.mail.protection.outlook.com
TXT
Show 12 TXT records
  • bgc3omjhdvovbqaa75gs5nuusq
  • icndvd9kr5lvete0u7fjcuh54v
  • s9usr7lgbofjj4ueb3t34bmo8v
  • 7r76xq9n0l6m2pj0t8mwb3mj5xbghhjt
  • cvz0wvywlrnpk4jgsvhynt98kwvjy1gd
  • n8wvpk756gztv5rp1510l2v82zmcp6jc
  • google-site-verification=QKFE783LWYQC6pObptMS5G6r7b1ie7kyPiDMEU0pwew
  • adobe-idp-site-verification=057735e526cc207cce3e79d453537cbc6dcde0261da5d563c3a7c15a1e4c485c
  • adobe-idp-site-verification=8fe8dab35fe0f86e464aa7e367698d8f8c4afb051a88c1603861a115bc385168
  • cisco-ci-domain-verification=3ef0fb47a638117fe55133a388afdc2963e421f9d1cd760be89709ad758e4a0f
  • atlassian-domain-verification=VHUfxaOayNlIXwTPYSi8TaIZz4ho5LswBvpIuJnzClyY63itVA5hmH6dk5tdCTbb
  • MS=ms53012950

Email authentication strong

SPF
v=spf1 include:spf.protection.outlook.com include:_netblocks.eloqua.com include:u2500984.wl235.sendgrid.net include:unit4-spf.unit4cloud.com include:spf2.brandmaster.com include:spf.mailjet.com ip4:185.14.244.9 ip4:185.14.245.9 ip4:185.14.246.9 ip4:185.14.247.9 -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dmarc_agg@vali.email
policy: quarantine
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPMvVlUOQCsJd5XAQcSRbGs3czJ/KiBB2bDfx7t6cZt79S+/xSxWjtjGej7P3FtZiPk1iCoul6xjCxGvdoqJ…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IQYyVrB4XcrK0BsPpRypRnDj6VXjvkE1K1bIBIvBHk1S3dNzz0qd9EIEG0J1646oO/Ce4lIp0ZKgSDupo…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDzT/XzHELHYrWZ3W//pIq76NrV0aGURSHjYyV18a1r1Sd9df9brjOEXJpEGhkr/99B2bdPeqyWR8i8RB3A35GCDY…
selectors probed

Certificate (current)

GlobalSign GCC R3 DV TLS CA 2020
from 2025-04-29 to 2026-05-31
Expires in 12 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.bonava.com/sv

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
Header values
x-frame-options
SAMEORIGIN
permissions-policy
autoplay=(self "https://*.investisdigital.com" "https://*.youtube.com" "https://*.vimeo.com" "https://*.vimeocdn.com"), encrypted-media=(self "https://*.investisdigital.com" "https://*.youtube.com" "https://*.vimeo.com" "https://*.vimeocdn.com"), fullscreen=(self "https://*.investisdigital.com" "https://*.youtube.com" "https://*.vimeo.com" "https://*.vimeocdn.com")
x-content-type-options
nosniff
content-security-policy
default-src 'self' edge.api.brightcove.com viz.tools.investis.com *.media.brightcove.com cdn.jsdelivr.net dev-api.investisdigital.com api.investisdigital.com dev-assets.investisdigital.com assets.investisdigital.com qaotp.tools.investisdigital.com *.nr-data.net *.googleapis.com *.cookielaw.org *.google-analytics.com api.alertir.com irs.tools.investis.com/Clients/sv/bonava/XML/xml_en.aspx *.myidx.cloud; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com ict.infinity-tracking.net www.gstatic.com viz.tools.investis.com www.google.com maps.googleapis.com maps.google.com www.linkedin.com ajax.googleapis.com pi.pardot.com bam.nr-data.net *.googletagmanager.com *.google-analytics.com sjs.bizographics.com connect.facebook.net *.jquery.com irs.tools.investis.com *.hotjar.com px.ads.linkedin.com d2wy8f7a9ursnm.cloudfront.net ssl.p.jwpcdn.com js-agent.newrelic.com cdn.jsdelivr.net edge.api.brightcove.com *.googleapis.com www.youtube.com youtube.com s.ytimg.com unpkg.com *.invest
strict-transport-security
max-age=15552000; includeSubDomains; preload

Links to (7)

Linked from (2)