glimmingehus.se
HTML metadata
Technology
- CMS
- WordPress 6.9
- jQuery
- 3.7.1
Social
Contact
- Phone
DNS records live
- NS
-
- ns1.abedns.se
- ns2.abedns.se
- ns3.abedns.net
- ns4.abedns.net
- MX
-
- 10 mx.portsit.net
- 10 mx.portsit.se
- 20 mx.portsit.com
- Verified for
-
- HARICA
Email authentication weak
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
GEANT TLS RSA 1
Expires in 166 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
Header values
- referrer-policy
no-referrer-when-downgrade- permissions-policy
geolocation=(), midi=(), microphone=(), camera=()- x-content-type-options
nosniff- content-security-policy
default-src 'self' glimmingehus.se http://glimmingehus.se *.glimmingehus.se http://*.glimmingehus.se glimmingehus.se *.elementor.com *.typekit.net *.google.com *.cookieyes.com *.gravatar.com webstats.sgit.se webbanalys.sgit.se widget.publit.com data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net cdnjs.cloudflare.com *.gstatic.com webbstats.sgit.se webstats.sgit.se webbanalys.sgit.se glimmingehus.se *.googleapis.se sketchfab.com; media-src 'self' http: https: glimmingehus.se *.gravatar.com; style-src 'self' 'unsafe-inline' *.googleapis.com blob: ; font-src 'self' data: at.alicdn.com *.wp.com *.typekit.net fonts.gstatic.com *.googleapis.com; frame-ancestors 'self'; img-src 'self' http: https: glimmingehus.se data: *.gravatar.com; frame-src gglimmingehus.se http://glimmingehus.se *.glimmingehus.se http://*.glimmingehus.se glimmingehus.se sketchfab.com; worker-src 'self' blob:- strict-transport-security
max-age=31536000; includeSubDomains
Links to (4)
- youtube.com×1
- raa.se×1
- instagram.com×1
- facebook.com×1