indexo.dev

helphero.se

.se crawl

First seen 2026-05-29 · Last seen 2026-05-31 · ok HTTP/1.1 200 914 ms crawled 2026-05-31

SE · 91.201.62.237 · AS44136 ODERLAND Webbhotell AB

Reputation 72/100 weak security headers multiple spf records no dmarc policy

Classifying

HTML metadata

Title
Offerter från experter | HelpHero
Description
Hitta offert från hantverkare och byggföretag nära dig. 400 000 hemägare hjälpta med offerter och experthjälp. Läs mer här →
Language
sv
Canonical
https://helphero.se/

Open Graph

title
Offerter från experter | HelpHero
description
Hitta offert från hantverkare och byggföretag nära dig. 400 000 hemägare hjälpta med offerter och experthjälp. Läs mer här →

Technology

Server
LiteSpeed
CMS
WordPress
PHP
8.4.21
jQuery
3.5.1
Stack
PHP
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • js-de.sentry-cdn.com×1
  • www.googletagmanager.com×1

DNS records live

NS
  • ns1.loopia.se
  • ns2.loopia.se
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • spf2.0/pra include:spf.mailjet.com include:_spf.google.com include:mailgun.org mx:mail.helphero.se ip4:91.201.62.237 ip4:91.201.60.16 ip4:91.201.63.39 mx ip4:195.198.51.19 ip4:212.18.231.146 ip4:159.135.239.54 ip4:213.180.66.136/26 ip4:213.180.72.147/29 ip4:213.180.82.131/25 ip4:81.91.14.0/25 ip4:79.136.127.242/29 ~all
  • 7f3782baba4e926a1636a65545caefcc
Verified for
  • Google
  • Meta

Email authentication weak

SPF
v=spf1 include:spf.mailjet.com include:_spf.google.com include:mailgun.org mx:mail.helphero.se ip4:91.201.62.237 ip4:91.201.60.16 ip4:91.201.63.39 mx ip4:195.198.51.19 ip4:212.18.231.146 ip4:159.135.239.54 ip4:213.180.66.136/26 ip4:213.180.72.147/29 ip4:213.180.82.131/25 ip4:81.91.14.0/25 ip4:79.136.127.242/29 ~all
softfail (~all) · multiple SPF records
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-04-01 to 2026-06-30
Expires in 30 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://helphero.se/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://helphero.se https://*.google.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://tagmanager.google.com https://*.doubleclick.net https://www.googleadservices.com https://cdn-cookieyes.com https://*.cookieyes.com https://*.cookielaw.org https://*.facebook.com https://*.facebook.net https://*.pinterest.com https://*.tiktok.com https://*.pinimg.com https://*.hotjar.com https://*.clarity.ms https://*.bing.com https://*.sentry-cdn.com https://*.typeform.com https://*.stripe.com https://*.googlesyndication.com https://*.byspotify.com https://iresads.com;

Linked from (1)