financesweden.se
HTML metadata
Technology
- CDN
- Cloudflare
- Cookie consent
-
- Cookiebot
Third-party hosts loaded (1)
- consent.cookiebot.com×1
Contact
DNS records live
- NS
-
- ns1.loopia.se
- ns2.loopia.se
- MX
-
- 10 financesweden-se.mail.protection.outlook.com
- TXT
-
DomainVerification=ICV3LEW05E8QQ5CXDRDDH1EMN38N92AYLWGARNPA29QNSR553OTUGIYVBNZO7RVUMS=ms84201904s42tgdl10mqkb47g2sp328hfmd
Email authentication strong
- SPF
-
v=spf1 include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; rua=mailto:dmarc@swedishbankers.se; ruf=mailto:dmarc@swedishbankers.se;policy: reject (enforced) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZZwl3nPEJLK1ncWuQchiU9udUCxJXKYHlbWqgD+4nawHyB71jWW2JkTcbq0bYSx6bJ+aQgssau0x1…
selectors probed - selector1:
Certificate (current)
WE1
Expires in 83 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
no-referrer- x-frame-options
SAMEORIGIN- permissions-policy
fullscreen=(self "https://*.youtube.com")- x-content-type-options
nosniff- content-security-policy
default-src 'self';base-uri 'self';form-action 'self' https://*.apsis.one;script-src 'self' 'nonce-4E2IUeVHBAtzHOLC2caY1tQ4MeTPAXXGoogrSfQXIAs=' 'strict-dynamic' https://*.cookiebot.com https://*.vimeocdn.com;img-src 'self' data: https://*.cookiebot.com data: ;connect-src 'self' ws://* wss://* https://*.cookiebot.com;font-src 'self' https://fonts.gstatic.com;frame-src 'self' https://*.youtube.com https://*.cookiebot.com https://*.apsis.one https://*.google.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;frame-ancestors 'none';- strict-transport-security
max-age=31536000; includeSubDomains; preload