brannbamsen.no
brannbamsen.no
HTML metadata
Technology
- Server
- nginx
- CMS
- Next.js
Third-party hosts loaded (3)
- unpkg.com×8
- open.spotify.com×1
- policy.app.cookieinformation.com×1
Registration
- Registrar
- One.com
- Created
- 2018-11-06
- Updated
- 2025-11-06
- Name servers
-
- ns01.one.com
- ns02.one.com
DNS records live
- NS
-
- ns01.one.com
- ns02.one.com
- MX
-
- 0 brannbamsen-no.mail.protection.outlook.com
- Verified for
-
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 mx ip4:5.145.153.7 ip4:5.145.153.12 include:mail.zendesk.com include:_custspf.one.com include:spf.protection.outlook.com include:spf.mandrillapp.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=nonepolicy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
E7
Expires in 28 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
DENY- permissions-policy
camera=(), microphone=(), geolocation=(), midi=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)- x-content-type-options
nosniff- content-security-policy
default-src 'self'; connect-src *; font-src 'self' https: data:; frame-src *; frame-ancestors 'self'; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';- strict-transport-security
max-age=31536000; includeSubDomains; preload