indexo.dev

thuresson.se

.se crawl

First seen 2026-06-04 · Last seen 2026-06-04 · ok HTTP/1.1 200 1373 ms crawled 2026-06-04

US · 162.159.140.127 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Arne Thuresson
Language
sv-SE
Canonical
https://thuresson.se/

Technology

CDN
Cloudflare
CMS
Gatsby
jQuery
3.3.1 known XSS (<3.5)
Cookie consent
  • Cookiebot
Fonts
  • Google Fonts

Third-party hosts loaded (3)

  • ajax.aspnetcdn.com×2
  • consent.cookiebot.com×1
  • fonts.googleapis.com×1

Social

Contact

Email
Phone

DNS records live

NS
  • ns1-02.azure-dns.com
  • ns2-02.azure-dns.net
  • ns3-02.azure-dns.org
  • ns4-02.azure-dns.info
MX
  • 0 thuresson-se.mail.protection.outlook.com
TXT
  • include:mailgun.org ip4:194.132.118.170
Verified for
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=none;
policy: none (monitoring only)
DKIM
Show 4 DKIM selectors
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQGQLm5MsgRqlhjPrTkXX8YxO1teP7oGkdH+fGx5uk6a9H/J4zgFqg5agYwoMiJrkGwLAdKddmpuehOW5HKI…
  • selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0glUiAWVrGQZGLW2j7Y4GeVYqA7nZZOK/XcwbAlNbM7tlN2qLL34+W/jK875W6Lsi2Ejupo6FEJKSu…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0y7VXU31XjN/LTD8W+apRjKz8NWJ5QxRURWSOpoFIsbzA9DKSFmF0QYWbaqklnvg6N1sH7DNstw5cmWEs…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCu51hj74eUjC24mF6t6zjTcDrhRF93Q2kr/jZPitboChi77se90ou7mM5GAYNB9PdUkidKX0gjlesTBY8K1gRODw…
selectors probed

Certificate (current)

WE1
from 2026-04-16 to 2026-07-16
Expires in 40 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://thuresson.se/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SameOrigin
x-content-type-options
nosniff
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' consentcdn.cookiebot.com consent.cookiebot.com ajax.aspnetcdn.com maps.googleapis.com;style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com;img-src 'self' data: *.umbraco.com imgsct.cookiebot.com grabber.cdn-norce.tech img.youtube.com *.azurewebsites.net maps.gstatic.com maps.googleapis.com;frame-src 'self' consentcdn.cookiebot.com www.youtube.com *.umbraco.com;font-src 'self' data: cdnjs.cloudflare.com fonts.googleapis.com fonts.gstatic.com;connect-src 'self' consentcdn.cookiebot.com maps.googleapis.com at-grabber.search.windows.net
strict-transport-security
max-age=2592000

Links to (5)