nostr:npub13vvfm5djl3y7y8rjnyw2wg4qyjx6hnkc44cn0rdw06agwc8kktvq8a0sze Who controls the hosting? If there's a Content-Security-Policy header set it could prevent iframes, though you should see a message about it in the console when opening the page.