kulturaret.se
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Gatsby
- jQuery
- 3.5.1
- Cookie consent
-
- Cookiebot
Third-party hosts loaded (1)
- consent.cookiebot.com×1
DNS records live
- NS
-
- ns1.loopia.se
- ns2.loopia.se
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
WE1
Expires in 83 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-content-type-options
nosniff- content-security-policy
frame-ancestors 'self' spoxy3.insipio.com; default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' *.sodertalje.se https://dl.episerver.net/ https://web-sdk-eu.aptrinsic.com https://insipio.com/ https://974se.boost.ai/chatPanel/chatPanel.js https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js.monitor.azure.com/ https://static.rekai.se/faadcc89.js https://chat.kindlycdn.com/ https://sockjs-eu.pusher.com/ wss://ws-eu.pusher.com/app/ https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://*.vizzit.se https://maxcdn.bootstrapcdn.com https://translate.google.com https://translate.googleapis.com/ https://translate-pa.googleapis.com https://5p4rk13.com https://*.cookiebot.com/ https://digitalfeedback.euro.confirmit.com/api/digitalfeedback/ https://amplify.notified.com/ https://static.entryscape.com/ https://docs.netpublicator.com/api/public/sodertalje/channel/ *.ednia.se ednia.se https://cdn.matomo.cloud https://api.mediaflow.com https://mfstatic.com https://esmaker.n- strict-transport-security
max-age=31536000; includeSubdomains