hogrefe.se
hogrefe.se
HTML metadata
Technology
- CDN
- Cloudflare
- jQuery
- 1.11.0 known XSS (<3.5)
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (2)
- www.googletagmanager.com×2
- polyfill-fastly.io×1
Social
DNS records live
- NS
-
- dora.ns.cloudflare.com
- mark.ns.cloudflare.com
- MX
-
- 5 mx.hogrefe.se
- Verified for
-
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 a mx ip4:91.223.204.0/24 ip4:185.20.13.54 include:_vsp.oderland.com include:spf.protection.outlook.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:dmarc@rule.se,mailto:c8t3egmm@ag.eu.dmarcadvisor.com; ruf=mailto:authfail@rule.se,mailto:c8t3egmm@fr.eu.dmarcadvisor.com;policy: none (monitoring only) - DKIM
-
- default:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMM+JJQA+DGkImLdttLtnEal/b3BKIw9yUJ4jkrX1PnskhX86FjJ/8XoFwoUaKIV6yzk1fSky0MuRJ… - selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19dOxQ5N3tJHMZA2O6zxJ6m7il64NvmZZHd6khT7VkZUvzL0SD5M/HPNUZID+AQn/c8rUN83OluoMC…
selectors probed - default:
Certificate (current)
WE1
Expires in 41 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
Header values
- referrer-policy
no-referrer-when-downgrade- x-frame-options
SAMEORIGIN- permissions-policy
microphone=()- x-content-type-options
nosniff- content-security-policy
default-src https: wss: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; worker-src data:- strict-transport-security
max-age=31536000