modity.se
HTML metadata
Technology
- CMS
- Next.js
Third-party hosts loaded (1)
- images.ctfassets.net×11
DNS records live
- NS
-
- ephemera.nmugroup.se
- ns-any1.nmugroup.se
- ns-any2.nmugroup.se
- origo.nmugroup.com
- unit.nmugroup.com
- vertex.nmugroup.se
- MX
-
- 0 modity-se.mail.protection.outlook.com
- TXT
-
u6rh5p4omi7gkuap5j3nqulnn7/dyH8QIUgWmcQPMkdDmCLIyHVkKRC1Z8WgOMPi4PHjA=
- Verified for
-
- Anthropic
- Apple
- Atlassian
- GlobalSign
- Microsoft 365
Email authentication strong
- SPF
-
v=spf1 include:spf.protection.outlook.com ip4:193.181.45.220 ip4:193.235.149.145 include:_spf.anpdm.com -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; aspf=s; rua=mailto:rua.reports@modity.sepolicy: reject (enforced) - DKIM
-
- selector2:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXnTEOacEvhC9N94ao0CuiRRGcwtRAYaEpZ1r+AeEeRe0ZCWGqNe/0Tf7Vm7MZANX37EG5XAeRIhelqWQmvA…
selectors probed - selector2:
Certificate (current)
E8
Expires in 63 days
HTTP security headers
- present
-
- content-security-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
default-src 'self' cdn.contentful.com videos.ctfassets.net *.vault.azure.net *.clarity.ms https://www.clarity.ms https://c.bing.com https://*.in.applicationinsights.azure.com *.altcha.org; connect-src 'self' https://*.in.applicationinsights.azure.com https://js.monitor.azure.com/ *.clarity.ms *.altcha.org; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.clarity.ms; worker-src 'self' blob:; style-src 'self' 'unsafe-inline'; img-src 'self' blob: data: cdn.contentful.com images.ctfassets.net videos.ctfassets.net *.openstreetmap.org downloads.ctfassets.net *.clarity.ms c.bing.com; font-src 'self' cdn.contentful.com eu.altcha.org; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests;