indexo.dev

statkraftvarme.se

.se crawl

First seen 2026-05-22 · Last seen 2026-05-31 · ok HTTP/1.1 200 616 ms crawled 2026-05-28

SE · 217.114.94.2 · AS30811 Optimizely AB

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Statkraft Varme | Överskottsenergi och fjärrvärme i Sverige
Description
Välkommen till Statkrafts fjärrvärmeverksamhet. Fjärrvärme är i praktiken överskottsenergi. Här hittar du information om fjärrvärme och praktisk information för dig som byggherre eller användare.
Language
sv
Canonical
https://www.statkraftvarme.se/
Translations
  • sv

Open Graph

url
https://www.statkraftvarme.se/
title
Statkraft Varme | Överskottsenergi och fjärrvärme i Sverige
description
Välkommen till Statkrafts fjärrvärmeverksamhet. Fjärrvärme är i praktiken överskottsenergi. Här hittar du information om fjärrvärme och praktisk information för dig som byggherre eller användare.

Technology

CDN
Cloudflare
Analytics
  • Google Tag Manager

Third-party hosts loaded (3)

  • siteimproveanalytics.com×1
  • static.addtoany.com×1
  • www.googletagmanager.com×1

Contact

Phone

DNS records live

NS
  • dns1.cscdns.net
  • dns2.cscdns.net
MX
  • 10 statkraftvarme-se.mail.protection.outlook.com
TXT
  • yv8+UQnz1zDPNEPklQMpAkkSttA5XS8+w7O2BZ4Q+gc=
Verified for
  • GlobalSign
  • Microsoft 365
  • Workplace

Email authentication weak

SPF
v=spf1 mx include:_spf-a.statkraft.com include:_spf-b.statkraft.com include:_spf-c.statkraft.com include:spf.protection.outlook.com ip4:193.212.95.47/32 ip4:193.212.95.46/32 ip4:91.213.22.73/32 ip4:91.213.22.74/32 ip4:193.212.95.25/32 ip4:193.212.95.26/32 ip4:81.191.33.231/32 -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-05-07 to 2026-08-05
Expires in 66 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.statkraftvarme.se/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
sameorigin
x-content-type-options
nosniff
content-security-policy
default-src 'self' ; script-src 'self' 'unsafe-eval' 'wasm-unsafe-eval' 'unsafe-inline' 'strict-dynamic' 'nonce-162c32a3-4645-46e0-9134-110c0a535c40' https://siteimproveanalytics.com https://*.siteimproveanalytics.io https://siteimproveanalytics.com/js/siteanalyze_6035611.js https://static.smartrecruiters.com/job-widget/1.6.2/script/smart_widget.js https://static.smartrecruiters.com/job-widget/1.6.2/script/jquery.min.js https://www.smartrecruiters.com/job-api/ https://js.monitor.azure.com https://cdn.jsdelivr.net dl.episerver.net https://code.jquery.com/jquery-3.3.1.min.js https://survey.skyra.no/skyra-survey.js https://policy.app.cookieinformation.com/uc.js https://policy.app.cookieinformation.com/ https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google-analytics.com https://fonts.googleapis.com/* https://www.googletagmanager.com/gtm.js https://maps.googleapis.com/maps/ https://maps.googleapis.com/maps-api-v3/
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-site

Links to (5)

Linked from (2)