vardforbundet.se
vardforbundet.se
HTML metadata
Technology
- CDN
- Cloudflare
- CMS
- Gatsby
- Stack
- ASP.NET
- Ads
-
- Meta Pixel
- Cookie consent
-
- Cookiebot
Third-party hosts loaded (7)
- vardforbundet.imagevault.media×10
- connect.facebook.net×1
- consent.cookiebot.com×1
- dl.episerver.net×1
- lilum.lightsinline.se×1
- vardforbundet.humany.net×1
- wds.ace.teliacompany.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- ns1-07.azure-dns.com
- ns2-07.azure-dns.net
- ns3-07.azure-dns.org
- ns4-07.azure-dns.info
- MX
-
- 5 vardforbundet-se.mail.protection.outlook.com
- TXT
-
Show 9 TXT records
2uha4q4n0mu434a5m1ee4k576bp9b09bdhaatif2a0g319p05emfaq6hq30uediqglhosei7r1dishihbpegup161udteapqsslti7nlime-domain-verification=B71E89784F508C3/bns8E91DLpYRDUmO/StgKLIWq9fcqe7tSX7BqOkJpmoogwdbB6+2pZEhln4xyJpX0ZzDE41LcF4g+ukYIck1A==urfluv76vvl3kb5kdfnnjllc7kpvb4gjas6fpjstb8g1nsiogtml30nndhvoe4bf1efrar7mjboc8
- Verified for
-
- Meta
Email authentication partial
- SPF
-
v=spf1 ip4:104.40.224.144 include:_spf.anpdm.com include:spf.protection.outlook.com include:sp247.net include:spf.mailjet.com include:_spf.ungapped.io include:_spf.questback.net -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:aggrepfokus@vardforbundet.se; ruf=mailto:forensicfokus@vardforbundet.se; fo=1;policy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC913KuQxPU2gPP8/TVnzmiWkQApZPW1HzAu5LR3roP2/Ig2al16vkEB3+9ZvlI+8jUjROwZh3lzclQmdhiXs… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXlKleBZN7SaUMCNm3ahKEyuWyq6R5eaiFl1ONTbfNqhDCqkJ70biRUsa2pmEOLbvW+X0+XGwlLln+FkQ2… - s2:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA90USmiL8jUIsVYPusIAQFR6PxTHUSUKGtFVvUs+2/T8K59mGho7mBfQaksZfLc7p2gZEN4OIeoO5pzeezG…
selectors probed - selector1:
Certificate (current)
Go Daddy Secure Certificate Authority - G2
Expires in 136 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Permissions Policy
Header values
- referrer-policy
same-origin- x-frame-options
sameorigin- x-content-type-options
nosniff- content-security-policy
default-src 'self';base-uri 'self';form-action 'self' *.vardforbundet.se http://*.ineko.se; worker-src blob:; script-src 'unsafe-eval' 'unsafe-inline' *.youtube.com *.azure.net *.azure.com *.windows.net *.facebook.net *.humany.net *.teliacompany.com https://vardforbundet.lime-forms.com wss://convhub-prod.ace.teliacompany.net *.dreambroker.com *.episerver.com *.episerver.net *.hotjar.com *.cookiebot.com *.google.com *.googleapis.com *.googletagmanager.com *.google-analytics.com *.googletagmanager.com *.lightsinline.se *.google-analytics.com *.gstatic.com *.msecnd.net *.soundcloud.com *.vardforbundet.se *.local *.visualstudio.com *.matomo.cloud *.jquery.com *.bootstrapcdn.com *.ineko.se *.webprovisions.io; style-src 'self' * 'unsafe-inline'; font-src data: 'self' *; img-src data: https: 'self' *; media-src *;connect-src 'self' *.lightsinline.se *.humany.net *.teliacompany.com https://vardforbundet.lime-forms.com *.teliacompany.net wss://convhub-prod.ace.teliacompany.net *.episerver.com *- strict-transport-security
max-age=31536000