jubii.dk — domain check, WHOIS, DNS & reputation

HTML metadata

Title: Jubii
Language: da

Open Graph

url: https://www.jubii.dk
title: Jubii
locale: da_DK
site name: Jubii.dk

Technology

CMS: Next.js

DNS records live

NS

sage.ns.cloudflare.com
veronica.ns.cloudflare.com

MX

10 mx.dka.mailcore.net

Verified for

Google

Email authentication strong

SPF

v=spf1 mx ip4:83.221.146.32/27 include:spf.lytzenitmail.dk include:spf.ubivox.com include:spf.mailcore.net include:sendgrid.net include:mail.zendesk.com include:_spf.anpdm.com ip4:212.242.40.0/21 -all

strict (-all)

DMARC

v=DMARC1; p=reject; adkim=s; aspf=s; fo=1; sp=reject; ruf=mailto:postmaster@jubii.dk; rua=mailto:b8bbc5c7b2814ce59f28d2b21de67dde@dmarc-reports.cloudflare.net;

policy: reject (enforced) · sp=reject

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEGhjue3CbHMO/yce/7KbOtbtrvlLt8OMwrI79gnC8/NR7JPn3og6W9JtVfaxSYC4FvyYildkYR/rGRyN2…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05jz4tm0dORmUzTNb8Q+VvRWaT4Cn31hvRFFZM1hm66mV9JIjgSw9wti3htj5f9qcwlqhBayW0SpljPf/D…

selectors probed

Certificate (current)

R13

from 2026-04-07 to 2026-07-06

Expires in 31 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.jubii.dk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: same-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src-elem 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://hcaptcha.com https://*.hcaptcha.com https://js.stripe.com; frame-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://js.stripe.com; img-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://strapi.inbox.com; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://*.fjordmail.no https://*.recurrent.no;
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: same-origin