indexo.dev

gelstedfjernvarme.dk

.dk crawl

First seen 2026-06-01 · Last seen 2026-06-01 · ok HTTP/1.1 200 239 ms crawled 2026-06-01

IE · 20.50.64.13 · AS8075 Microsoft Corporation

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Gelsted Fjernvarmeselskab
Language
da
Canonical
https://gelstedfjernvarme.dk

Open Graph

url
https://gelstedfjernvarme.dk
title
Gelsted Fjernvarmeselskab
locale
da-dk

Technology

Third-party hosts loaded (5)

  • static.moliri.dk×14
  • cdn.moliri.dk×2
  • cdnjs.cloudflare.com×2
  • cookiecontrol.bleau.dk×2
  • cdn.jsdelivr.net×1

Contact

Phone
Address
Telefon:6449 1860

DNS records live

NS
  • ns1.curanet.dk
  • ns2.curanet.dk
MX
  • 10 gelstedfjernvarme-dk.mail.protection.outlook.com
TXT
Show 4 TXT records
  • qJiqTP8FIrhmO4igTSTo7+I1x5+GIwQOeN09RlCkwXM
  • CcaBKNfGmnDTT0JmWLEJrWNgLbvxcB7cB+2TGyz9phA
  • sPXP2e6RHt5Nt0UqMXcwhaM8qmUc/fFcVnTTA2kkaCY
  • +oCmtNuu7RYB9GJxNTul1TOIBLDHA0k8aHekPP6IL48
Verified for
  • GlobalSign
  • Microsoft 365

Email authentication weak

SPF
v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

GlobalSign RSA OV SSL CA 2018
from 2025-12-01 to 2027-01-02
Expires in 214 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://gelstedfjernvarme.dk/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
Header values
referrer-policy
strict-origin-when-cross-origin
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-content-type-options
nosniff
content-security-policy
default-src 'self' fonts.gstatic.com fonts.googleapis.com static.moliri.dk *.azure.com *.google-analytics.com *.doubleclick.net data: www.gstatic.com statservicefunctions.azurewebsites.net hearingportalfilestorage.blob.core.windows.net cookiecontrol.bleau.dk *.devtunnels.ms api-eu1.cludo.com *.moliri.dk dawa.aws.dk cdn.jsdelivr.net cdnjs.cloudflare.com moliricdn.azurewebsites.net 'self' https://eforsyning.dk https://webhook.logentries.com https://apiapp.dff-edb.dk/ public.flourish.studio player.vimeo.com cdn.raffle.ai searchcfg.raffle.ai search-backend.raffle.ai app.elvium.com scribehow.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com cdhsign.dk cdnjs.cloudflare.com unpkg.com static.moliri.dk customer.cludo.com *.gstatic.com npmcdn.com moliricdn.azurewebsites.net 'self' https://eforsyning.dk https://servicealert.dk player.vimeo.com cdn.raffle.ai app.elvium.com https://scribehow.com;script-src 'self' 'unsafe-inline' *.moliri.dk *.bleau.dk *.cludo.com *.gstatic.com *.monsido.co
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (4)

Linked from (1)