diakonhjemmethage.no
diakonhjemmethage.no
HTML metadata
Technology
- Server
- Apache
Third-party hosts loaded (1)
- diakon-iframe.vercel.app×1
Social
DNS records live
- NS
-
- ns1.hyp.net
- ns2.hyp.net
- ns3.hyp.net
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 54 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
no-referrer- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self' 'unsafe-inline' https://www.google.com/recaptcha/api2/;base-uri 'self';form-action 'self' https://diakonhjemmethage.us7.list-manage.com/ https://diakonhjemmetstiftelse.mailmojo.no/;object-src 'none';script-src 'self' platform.twitter.com/widgets.js https://platform.twitter.com/js/ platform.instagram.com/en_US/embeds.js https://www.instagram.com/ https://ir.oms.no/iframe.js 'sha256-CJdDzngTZAg2k4HzwNUDL1h67vTTiEz56Z97xIrwbbQ=' 'sha256-sijmxHxtS6PYK/HX6PagaxnAtkf8d+JcIXXguLez3Vs=' siteimproveanalytics.com/js/siteanalyze_6011053.js https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/;frame-src 'self' https://www.youtube.com/ https://platform.twitter.com/ https://www.instagram.com/ https://ir.oms.no/ https://player.vimeo.com/ https://www.google.com/ https://diakon-iframe.vercel.app/;style-src 'self' 'unsafe-inline';img-src 'self' *.siteimproveanalytics.io/ redaktor.diakonhjemmet.no/ login.microsoftonline.com/ https://kunde.byggekamera.no/;- strict-transport-security
max-age=31557600