forsvarsmakten.se

HTML metadata

Title

Försvarsmakten

Description

Vi försvarar Sverige, våra allierade och vår frihet att leva som vi själva väljer.

Language

sv

Canonical

https://www.forsvarsmakten.se/

Translations

en
sv

Open Graph

url: https://www.forsvarsmakten.se/

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Contact

Phone

+4687887500

DNS records live

NS

dns5.telia.com
dns6.telia.com
ns.mil.se
ns2.mil.se
ns3.mil.se
pitea.dns.swip.net
x.mil.se

MX

10 mx-50.mil.se
10 mx-60.mil.se
10 mx-70.mil.se
10 mx-80.mil.se

TXT

1kxyg059j4527c9lnr01h39v3sj0zxfl
"google-site-verification: jZfWbYoMUqdeJDzeSowcvitAyByfJPGhyWGHgyOAdD0"
_pdlvgb6m0u9t2h5hwhn0n2wd5fiu893

Verified for

Google
Meta

Email authentication strong

SPF: v=spf1 -all
strict (-all)
DMARC: v=DMARC1;p=reject;fo=1;ri=86400;adkim=r;aspf=r;rua=mailto:dmarc-fm@mil.se;ruf=mailto:dmarc-fm@mil.se;sp=quarantine
policy: reject (enforced) · sp=quarantine
DKIM: no key found at common selectors

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1

from 2025-11-13 to 2026-11-13

Expires in 165 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.forsvarsmakten.se/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: autoplay=(self "https://www.youtube-nocookie.com" "https://www.youtube.com"), fullscreen=(self "https://www.youtube-nocookie.com" "https://www.youtube.com"), picture-in-picture=(self "https://www.youtube-nocookie.com" "https://www.youtube.com"), web-share=(self "https://www.youtube-nocookie.com" "https://www.youtube.com")
x-content-type-options: nosniff
content-security-policy: base-uri 'self'; child-src 'self'; connect-src 'self' https://*.aptrinsic.com https://*.azure.com https://*.bing.com https://*.bing.net https://*.clarity.ms https://*.cookiebot.eu/ https://*.forsvarsmakten.se https://*.google-analytics.com https://*.optimizely.com https://analytics.google.com https://api.segment.io https://cdn.segment.com https://googleads.g.doubleclick.net https://js.userflow.com https://pagead2.googlesyndication.com https://region1.analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net https://www.google.com https://www.google.se https://www.googleadservices.com https://www.googletagmanager.com https://www.youtube-nocookie.com wss://e.userflow.com; font-src 'self' data: https://*.cloudfront.net/graphik/ https://*.cloudfront.net/lato/ https://fonts.gstatic.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' https://*.cookiebot.eu/ https://*.episerver.net https://www.googletagmanager.com https://www.youtube-nocookie.com
strict-transport-security: max-age=31536000; includeSubDomains