kirken.no
kirken.no
HTML metadata
Technology
- CDN
- Cloudflare
Third-party hosts loaded (5)
- cdn-assets-eu.frontify.com×1
- media.ffycdn.net×1
- minkirkeside.no×1
- policy.app.cookieinformation.com×1
- pskjeriimagelibrary2c119.blob.core.windows.net×1
Social
DNS records live
- NS
-
- ns1.krx.no
- ns2.krx.no
- ns3.krx.no
- MX
-
- 0 kirken-no.mail.protection.outlook.com
- TXT
-
Show 4 TXT records
2442d9b50dcc97915a976649943dfc8f21e9dc74efaf87a762ff4cb30cca3962/fB5eaUXOlvGCW3/vd8zR6kytg66zVU1DF/SSFNNPigGQjkeIzNjVE9uU8Scy4Y97gGtjyJWZy5nG+s/9bJXVA==DomainVerification=9JM804ARQ1RDCDH0CH0FR7JT4VRUQUQVXOCFVQUNJGB0TQZFW0ZN10MROSOSNLSTlime-domain-verification=9FC6BF8C87F41DD
- Verified for
-
- Atlassian
- Brevo
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 ip4:195.254.202.4/30 ip4:193.75.104.0/24 ip4:77.241.100.0/24 ip4:85.252.114.0/24 ip4:178.164.3.199/32 ip4:212.125.226.230/32 ip4:62.148.57.38/32 include:spf.protection.outlook.com include:spf.mandrillapp.com include:spf.xledger.net include:spf.mailjet.com include:exchange.driftsparken.no include:sendgrid.net include:servers.mcsv.net include:eu.mailgun.org -allstrict (-all) - DMARC
-
v=DMARC1; p=quarantine; sp=none; rua=mailto:dmarc_agg@vali.email; ruf=mailto:postmaster@kirkepartner.no;policy: quarantine · sp=none - DKIM
-
Show 5 DKIM selectors
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zphTZSiJbArzazKkfpiGo/J5AZJK7TQPwlCq6Xb22URAGxZQIHb6OhY8VpV734RHG5j90LRvvKEIO… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbOO+dEOr5VhJdKGoUr7q1zDU8I3l3ZXjc1sB5JpqDdp187gYxvcLaRiddvLP/kDgx4tKBt23Ze/Nq… - k2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg00B21J/x1GIa598yUt3biGM1G4wKGd4j1MhKVSBdZ/TtDvUWDb2RJaXPA0+0D1D9sftuzVy8TXGyhUQo… - s2:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FzBB18AwpR+hsNB3PAFrXhmXDguKxL17Tcq3nP3eyPlKX1PyWRt10aY7zIphOii+xPd/BhoLJYKRFSi1U…
selectors probed - selector1:
Certificate (current)
WE1
Expires in 65 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
Header values
- referrer-policy
strict-origin-when-cross-origin- permissions-policy
camera=(), microphone=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://policy.app.cookieinformation.com https://consent.app.cookieinformation.com https://maps.googleapis.com https://cdn.matomo.cloud https://kirken.matomo.cloud https://connect.facebook.net https://www.instagram.com https://static.elfsight.com https://static.hotjar.com https://s.usea01.idio.episerver.net https://js.monitor.azure.com https://e.infogram.com https://player.vimeo.com https://*.vimeocdn.com https://open.spotify.com https://*.scdn.co https://creators.spotify.com; frame-src 'self' https://policy.app.cookieinformation.com https://consent.app.cookieinformation.com https://player.vimeo.com https://vimeo.com https://www.youtube.com https://www.youtube-nocookie.com https://www.facebook.com https://www.instagram.com https://*.medarbeideren.no https://nettbutikk.solidus.no https://*.office.com https://*.office365.com https://*.google.com https://e.infogram.com https://open.spotify.com https:/- strict-transport-security
max-age=31536000; includeSubDomains; preload