boverket.se
HTML metadata
Technology
- Server
- baffin-bay-inlet
- Cookie consent
-
- Cookiebot
Third-party hosts loaded (3)
- cdn.screen9.com×1
- consent.cookiebot.com×1
- consentcdn.cookiebot.com×1
Social
DNS records live
- NS
-
- ns1.p201.dns.oraclecloud.net
- ns2.p201.dns.oraclecloud.net
- ns3.p201.dns.oraclecloud.net
- ns4.p201.dns.oraclecloud.net
- MX
-
- 10 mx01.advania.cloud
- 10 mx02.advania.cloud
Email authentication strong
- SPF
- not published
- DMARC
-
v=DMARC1; p=quarantine; rua=mailto:dmarc@boverket.sepolicy: quarantine - DKIM
- no key found at common selectors
Certificate (current)
DigiCert Global G2 TLS RSA SHA256 2020 CA1
Expires in 153 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- cross-origin-opener-policy
- cross-origin-resource-policy
- findings
-
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
no-referrer- x-frame-options
sameorigin- x-content-type-options
nosniff- content-security-policy
script-src 'strict-dynamic' 'nonce-3369f092-d1a6-4cae-a512-376bd895f210' https://*.cookiebot.com; object-src 'self' ; frame-src *.frcapi.com *.cookiebot.com *.screen9.com esmaker.net *.esmaker.net *.qcnl.tv qcnl.tv; frame-ancestors 'none' ; base-uri 'self' ; report-uri https://www.boverket.se/api/reporting/; report-to csp-endpoint;- strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000- cross-origin-opener-policy
same-origin- cross-origin-resource-policy
same-origin