statkraft.co.uk

HTML metadata

Title

Statkraft | Europe's Largest Developer of Renewable Energy - Statkraft UK

Description

Statkraft is a leading renewable energy company and Europe’s largest producer of renewable energy, including hydropower, wind power and solar power.

Language

en-GB

Canonical

https://www.statkraft.co.uk/

Translations

en-gb

Open Graph

url: https://www.statkraft.co.uk/
title: Statkraft | Europe's Largest Developer of Renewable Energy - Statkraft UK
description: Statkraft is a leading renewable energy company and Europe’s largest producer of renewable energy, including hydropower, wind power and solar power.

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Third-party hosts loaded (3)

siteimproveanalytics.com×1
static.addtoany.com×1
www.googletagmanager.com×1

Social

Contact

Phone

20 7549 1000

Registration

Registrar

CSC Corporate Domains, Inc

Created

2003-02-04

Expires

2027-02-04 260 days left

Updated

2026-01-31

Name servers

dns1.cscdns.net.
dns2.cscdns.net.

DNS records live

NS

dns1.cscdns.net
dns2.cscdns.net

MX

0 statkraft-co-uk.mail.protection.outlook.com

TXT

Show 4 TXT records

MS=ms63266481
f40nkQcnCqKxijYvCrR03aN6U9PWaOFTSUqj2VXkxXU=
pv7XKpizXsdnJessvgow2y9qsKn7wsxrno8niBtjzGQ=
workplace-domain-verification=qG90sFyhll0e9q6uoslxxoI5XViUlF

Email authentication weak

SPF: v=spf1 mx include:_spf-a.statkraft.com include:_spf-b.statkraft.com include:_spf-c.statkraft.com include:spf.protection.outlook.com ip4:193.212.95.47/32 ip4:193.212.95.46/32 ip4:91.213.22.73/32 ip4:91.213.22.74/32 ip4:193.212.95.25/32 ip4:193.212.95.26/32 ip4:81.191.33.231/32 -all
strict (-all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-05-08 to 2026-08-06

Expires in 78 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.statkraft.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: sameorigin
x-content-type-options: nosniff
content-security-policy: default-src 'self' ; script-src 'self' 'unsafe-eval' 'wasm-unsafe-eval' 'unsafe-inline' 'strict-dynamic' 'nonce-1bc5eddb-4893-4da4-9f47-c260af7be2ff' https://siteimproveanalytics.com https://*.siteimproveanalytics.io https://siteimproveanalytics.com/js/siteanalyze_6035611.js https://static.smartrecruiters.com/job-widget/1.6.2/script/smart_widget.js https://static.smartrecruiters.com/job-widget/1.6.2/script/jquery.min.js https://www.smartrecruiters.com/job-api/ https://js.monitor.azure.com https://cdn.jsdelivr.net dl.episerver.net https://code.jquery.com/jquery-3.3.1.min.js https://survey.skyra.no/skyra-survey.js https://policy.app.cookieinformation.com/uc.js https://policy.app.cookieinformation.com/ https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google-analytics.com https://fonts.googleapis.com/* https://www.googletagmanager.com/gtm.js https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: same-site