byggfabriken.dk
byggfabriken.dk
HTML metadata
Technology
- Server
- nginx
- CMS
- Gatsby
- Analytics
-
- Google Tag Manager
- Fonts
-
- Adobe Fonts
- Google Fonts
Third-party hosts loaded (4)
- fonts.googleapis.com×2
- www.byggfabriken.se×2
- use.typekit.net×1
- www.googletagmanager.com×1
Social
DNS records live
- NS
-
- dns1.oderland.com
- dns2.oderland.com
- dns3.oderland.com
- Verified for
-
Email authentication no MX
- SPF
- not published
- DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
R12
Expires in 51 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
font-src *.byggfabriken.se *.byggfabriken.dk *.cloudflare.com *.twitter.com google.com *.google.com *.google.co.in *.facebook.com *.gstatic.com *.typekit.net *.twimg.com *.trustedshops.com *.googleapis.com *.bootstrapcdn.com https://*.hotjar.com *.kundo.se *.forms.app forms.app *.getflowbox.com getflowbox.com *.fontawesome.com *.fonts.googleapis.com data: *.klarnacdn.net maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.byggfabriken.se *.byggfabriken.dk *.twitter.com *.facebook.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalco- strict-transport-security
max-age=63072000; includeSubDomains; preload