indexo.dev

afgruppen.no

.no crawl

First seen 2026-05-30 · Last seen 2026-05-31 · ok HTTP/1.1 200 486 ms crawled 2026-05-31

SE · 217.114.94.2 · AS30811 Optimizely AB

Reputation 100/100

Classifying

HTML metadata

Title
Forside - AF Gruppen
Description
AF Gruppen er et av Norges ledende entreprenør- og industrikonsern. Våre virksomhetsområder er Anlegg, Bygg, Eiendom, Miljø, Energi og Offshore
Language
no
Translations
  • en
  • no
  • sv

Open Graph

url
https://www.afgruppen.no/
title
Vi rydder fra fortiden og bygger for fremtiden
description
AF Gruppen er et av Norges ledende entreprenør- og industrikonsern. Vi leverer tjenester innen anlegg, bygg, eiendom, miljø, energi og offshore.

Technology

CDN
Cloudflare
JS framework
React
Analytics
  • Google Tag Manager

Third-party hosts loaded (6)

  • v.imgi.no×6
  • cdn.ravenjs.com×1
  • policy.app.cookieinformation.com×1
  • www.afgruppen.com×1
  • www.afgruppen.se×1
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • ns1.netnames.net
  • ns2.netnames.net
  • ns5.netnames.net
  • ns6.netnames.net
MX
  • 0 afgruppen-no.mail.protection.outlook.com
TXT
Show 7 TXT records
  • autodesk-domain-verification=_-uqH8nZMgIq6APVQ90v
  • DomainVerification=4PYETL85PUS7BRK9AEX4IXWDX7YVAG7E31LKQSEEHZ6OKHIS7BPC8YTWT1I76Z4F
  • g6urmFpNPAMElZQWDqP5svUn0y1jQ09s+S62nvOh6yB3DvfU+Nft11Day/+ZBxOw6OfRtpyRSHklnARfeS0KmQ==
  • o1JZWbXXONxCyQalubAoR+vcFrSt8RXJMUcCJGZnQ+jqoba4ErTrMBpAvfQx8pUqXkj4XGQttinQBr6BS5pXyA==
  • 4pngkmrzt0l6fl6k93l5l43c39q32s5d
  • r6x6kn0kbxvm367pkq65x91kp6p7my9t
  • af-gruppen-web-prod.azurewebsites.net
Verified for
  • Anthropic
  • Apple
  • Atlassian
  • Dropbox
  • Google
  • Miro

Email authentication strong

SPF
v=spf1 mx ip4:193.69.134.11 ip4:109.239.225.26 a:joc-mail01.osl.basefarm.net include:spf.protection.outlook.com include:servers.mcsv.net include:_spf.online.superoffice.com include:_spf.sndr.no include:sendgrid.net -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dmarc.reports@afgruppen.no; ruf=mailto:dmarc.reports@afgruppen.no; adkim=s; aspf=s; pct=100; rf=afrf; ri=86400; sp=reject
policy: quarantine · sp=reject
DKIM
Show 4 DKIM selectors
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCZhN+yOLEGx/d2ToneXyjlbF4W0r74UGf3IvZWRCx6zMHKjY5LRDyZpqEA4qawjobinYbG4bhd44Sv6UolkC…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1EPO/jATh4rHygr3DC5g0Ineqaux/brAOTnTYrx9rg0CW90tI0sOw9AfOGUJedhfQK4hsM0SlQVRYbn5e…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVbJmwxRFWvvzFQpp2u3DuEWxBZi9y4FQMKlDL/ZUTzz0Q1Zt8HxtzJGII3PMBB9qpd/SNLnwhWPjLUXMG…
selectors probed

Certificate (current)

WE1
from 2026-05-07 to 2026-08-05
Expires in 65 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.afgruppen.no/

present
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), gamepad=(self "https://experience.arcgis.com" "https://arcg.is"), speaker-selection=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline'; script-src 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' https://*.googleapis.com https://*.reachmee.com https://afgruppen.api.alv.no https://afgruppen.api.alv.no/investor.js https://cdn.jsdelivr.net/npm/ixbrl-viewer@1.4.89/iXBRLViewerPlugin/viewer/dist/ixbrlviewer.js https://cdn.jsdelivr.net/npm/ixbrl-viewer@1.4.43/iXBRLViewerPlugin/viewer/dist/ixbrlviewer.js https://cdn.jsdelivr.net/npm/ixbrl-viewer@1.4.18/iXBRLViewerPlugin/viewer/dist/ixbrlviewer.js https://cdn.ontame.io/ https://cdn.ontame.io/af.js https://cdn.ravenjs.com/3.15.0/raven.min.js https://client.imageshop.no/scripts/tiny_mce_popup.js https://connect.facebook.net https://connect.facebook.net/en_US/fbevents.js https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10822893203/ https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js https://policy.app.cookieinformation.com/ https://policy.app.cookieinformation.

Links to (6)

Linked from (1)