sanktjorgenpark.se — domain check, WHOIS, DNS & reputation

HTML metadata

Title

Spa, Hotel and Conference in Gothenburg | Sankt Jörgen Park

Description

Sankt Jörgen Park – a spa in Gothenburg. A modern country club just 15 minutes from the city center. Enjoy the greens and the hot saunas. Cozy and unpretentious.

Language

en

Canonical

https://www.sanktjorgenpark.se/en/

Translations

en
sv

Open Graph

url: https://www.sanktjorgenpark.se/en/
title: Spa, Hotel and Conference in Gothenburg | Sankt Jörgen Park
description: Sankt Jörgen Park – a spa in Gothenburg. A modern country club just 15 minutes from the city center. Enjoy the greens and the hot saunas. Cozy and unpretentious.

Technology

CDN: Vercel
CMS: Next.js
JS framework: Next.js

Third-party hosts loaded (1)

forms.markethype.io×1

DNS records live

NS

ns1.ilait.se
ns2.ilait.se
ns3.ilait.se
ns4.ilait.se

MX

99 d338560.a.ess.de.barracudanetworks.com
99 d338560.b.ess.de.barracudanetworks.com

Verified for

Google
Meta
Microsoft 365

Email authentication partial

SPF

v=spf1 ip4:79.136.112.194 include:spf.mandrillapp.com include:spf.hostingconnection.eu include:_spf.ilait.net include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none; fo=1; rua=mailto:rua+sanktjorgenpark.se@dmarc.barracudanetworks.com; ruf=mailto:ruf+sanktjorgenpark.se@dmarc.barracudanetworks.com

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgZzTwll2tNEhmafyJEmGomX00Ebdn2rO4HruD1oEWrhm487j/XmDgBAzRKVJqSNrP+jmLjhZI60Dw…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

R12

from 2026-05-02 to 2026-07-31

Expires in 58 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.sanktjorgenpark.se/en

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' data: *.api.sanity.io; img-src 'self' data: mapsresources-pa.googleapis.com cdn.sanity.io www.googletagmanager.com *.google-analytics.com *.google.se *.google.com boka.sanktjorgenpark.se *.vimeocdn.com maps.googleapis.com maps.gstatic.com *.facebook.com *.bing.com *.clarity.ms *.doubleclick.net bat.bing.net; style-src 'self' 'unsafe-inline' boka.sanktjorgenpark.se fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.bookvisit.com boka.sanktjorgenpark.se *.amazonaws.com www.googletagmanager.com *.cookie-script.com *.google-analytics.com *.googleadservices.com *.google.com maps.googleapis.com *.facebook.com *.facebook.net *.bing.com *.clarity.ms *.markethype.io altek-hospitality-chatbot-agent.web.app *.thehotelsnetwork.com; frame-src player.vimeo.com altek-hospitality-chatbot-agent.web.app *.stape.io; frame-ancestors 'self' localhost:3333 studio.sanktjorgenpark.se studio.sanktjorgenpark.hoy.to dev-studio.sanktjorgenpark.hoy.to; connect-src 'self' ws:
strict-transport-security: max-age=63072000; includeSubDomains

Linked from (2)

padlet.se×1
visbook.com×1