indexo.dev

eldhsatelje.se

.se crawl

First seen 2026-05-24 · Last seen 2026-05-31 · ok HTTP/1.1 200 1404 ms crawled 2026-05-29

SE · 91.201.60.16 · AS44136 ODERLAND Webbhotell AB

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title
Home - Carl Eldhs Ateljémuseum
Language
en-GB
Generator
WordPress 6.9.4
Canonical
https://eldhsatelje.se/en/
Translations
  • en
  • sv
Feeds

Open Graph

url
https://eldhsatelje.se/en/
title
Home - Carl Eldhs Ateljémuseum
locale
en_GB
site name
Carl Eldhs Ateljémuseum
locale:alternate
sv_SE

Technology

Server
LiteSpeed
CMS
WordPress 6.9.4
PHP
8.3.31 security-only
Social widgets
  • Vimeo Embed

Third-party hosts loaded (4)

  • gmpg.org×1
  • player.vimeo.com×1
  • w.soundcloud.com×1
  • www.google.com×1

Social

Contact

Email
Phone

DNS records live

NS
  • ns1.loopia.se
  • ns2.loopia.se
MX
  • 10 mx.simply.com
Verified for
  • Google

Email authentication partial

SPF
v=spf1 include:kundspf.loopia.se include:spf.simply.com -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-05-01 to 2026-07-30
Expires in 59 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://eldhsatelje.se/en/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
script-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://ybug.io/api/v1/widget/78wn2bw5q8d0hwspj9zg.js https://widget.ybug.io/button/78wn2bw5q8d0hwspj9zg.js https://ybug.io/api/v1/button/78wn2bw5q8d0hwspj9zg.js https://app.io/api/v1/button/78wn2bw5q8d0hwspj9zg.js https://app.ybug.io/* https://*.ybug.io https://ybug.io/%20 https://ybug.io/* https://google.com/* https://google.se/* https://*.google.com/ https://*.google.se/ https://www.gstatic.com/; img-src 'self' data: blob: https://ybug.io/api/v1/widget/78wn2bw5q8d0hwspj9zg.js https://widget.ybug.io/button/78wn2bw5q8d0hwspj9zg.js https://ybug.io/api/v1/button/78wn2bw5q8d0hwspj9zg.js https://app.io/api/v1/button/78wn2bw5q8d0hwspj9zg.js https://*.ybug.io https://app.ybug.io/* https://ybug.io/%20 https://ybug.io/* https://google.com/* https://google.se/* https://*.google.com/ https://*.google.se/ https://www.gstatic.com/; object-src 'self' data: blob: https://ybug.io/api/v1/widget/78wn2bw5q8d0hwspj9zg.js https://widget.ybug.io/

Links to (2)

Linked from (3)