helsingborg.se

HTML metadata

Title

Helsingborg.se | Helsingborgs stad

Description

Helsingborgs stads officiella webbplats med service och information för invånare, företagare och besökare.

Language

sv-SE

Canonical

https://helsingborg.se/

Feeds

Open Graph

url: https://helsingborg.se/
title: Helsingborg.se | Helsingborgs stad
locale: sv_SE
site name: Helsingborg.se
description: Helsingborgs stads officiella webbplats med service och information för invånare, företagare och besökare.

Technology

CMS: WordPress

Social

Contact

Email

kontaktcenter@helsingborg.se

Phone

042105000

DNS records live

NS

hbgstad.helsingborg.se
ns1.oresundskraft.se

MX

10 mx1.hc1010-35.eu.iphmx.com
10 mx2.hc1010-35.eu.iphmx.com

TXT

Show 6 TXT records

SITHSvalidation_2022-02-16
opoi07nsn9ch15i3fevukr014b
DomainVerification=PA3C6L3IWRTHRZGY8YV6Y130G2NTTEAZO9YPEMO6K17OH3R7JSZDLJOI774PXACL
JllgxhCKcM/DJpUbTbYtn+pErW9VeQJAIs/325EvywXnkYvP3O6u/izwXYWyjvjukkZ/oawbj5R6CzAQqW81GA==
lime-domain-verification=C094D4677593209
elastx-mrs=ef95602f56509d8d6b10e0dde6a19a7c4dea08de8ebc6b9632f417f713293ddf

Verified for

Adobe
Apple
Brevo
Google
Microsoft 365
TeamViewer

Email authentication strong

SPF

v=spf1 exists:%{i}.spf.hc1010-35.iphmx.com include:_spf.anpdm.com ip4:23.90.117.26 ip4:23.90.118.76 ip4:52.58.208.150 ip4:193.180.104.100 ip4:194.103.128.0/23 include:docebosaas.com include:spf.protection.outlook.com include:ciceron.cloud include:spf.helsingborg.se  include:elastx.email a:vitec.net ip4:87.54.30.56 ip4:217.28.202.8 ip4:217.28.204.8 ip4:193.235.56.0/23 ip4:46.254.8.64/28 ip4:194.14.67.124 ip4:194.14.67.125 ~all

softfail (~all)

DMARC

v=DMARC1;p=reject;sp=reject;pct=100;adkim=r;aspf=r;fo=1;rua=mailto:dmarcspam@helsingborg.se;ruf=mailto:dmarcspam@helsingborg.se

policy: reject (enforced) · sp=reject

DKIM

Show 4 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHa6fp48Jf5oRsBPtGf+Taq8bsixtB1COBBx9HNdd7OPWUW2myrr1EPFEw2gA5JraC9KaDLRm+UuXrcfA/zl…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4O4XQ+ay4m2Tmpfd+N40zuhMSgaRoJvf3CWapFaZavHKzHScEKxMPF28dSEbt0jmLeE6L8X3UdB9DS…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
s1: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqaMNDxWXrU6t+dI39/pSwSBTs9J0cFnbKxXAZLEIGT8CvMK1hMXFWGRT4kHfuxUd7DpmBtPSI7N0npO1JsLdUVRfsqzx5…

selectors probed

Certificate (current)

YE2

from 2026-05-28 to 2026-08-26

Expires in 87 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://helsingborg.se/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
permissions-policy: microphone=(), camera=(), geolocation=(), payment=(self)
x-content-type-options: nosniff
content-security-policy: script-src 'unsafe-eval' 'unsafe-inline' helsingborg.se schema.org media.helsingborg.se stats.helsingborg.se api.helsingborg.se alarm.helsingborg.io account.psplugin.com app-cdn.puzzel.com helsingborg.mynewsdesk.com content.vergic.com blob:; style-src helsingborg.se 'unsafe-inline'; img-src media.helsingborg.se data: blob: *.basemaps.cartocdn.com server.arcgisonline.com https://*.basemaps.cartocdn.com; media-src 'self' blob:; frame-src 'self' blob: www.dagensluft.se helsingborg.mynewsdesk.com eservicetest.helsingborg.se youtu.be www.youtube.com youtube.com; object-src 'none'; form-action helsingborg.se 'self'; font-src helsingborg.se media.helsingborg.se data: https://*.psplugin.com static.entryscape.com; connect-src helsingborg.se schema.org media.helsingborg.se stats.helsingborg.se api.helsingborg.se alarm.helsingborg.io account.psplugin.com app-cdn.puzzel.com eservice.helsingborg.se translate.google.com www.w3.org visithelsingborg.com foretagare.helsingborg.se helsingborg-se.transla
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups;
cross-origin-embedder-policy: unsafe-none;
cross-origin-resource-policy: same-origin;