indexo.dev

barnebokkritikk.no

.no crawl

First seen 2026-06-02 · Last seen 2026-06-02 · ok HTTP/1.1 200 737 ms crawled 2026-06-02

NO · 194.63.248.52 · AS12996 Domeneshop AS

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title
Barnebokkritikk.no
Language
nb-NO
Generator
WordPress 7.0
Feeds

Technology

Server
nginx
CMS
WordPress 7.0

Contact

Email
Phone

DNS records live

NS
  • ns1.hyp.net
  • ns2.hyp.net
  • ns3.hyp.net
MX
  • 10 mx.domeneshop.no
TXT
  • eoid-domain-verification=6847e679-41d8-4414-bec1-bf2b7e41d767
Verified for
  • Brevo

Email authentication partial

SPF
v=spf1 include:_spf.domeneshop.no ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-05-09 to 2026-08-07
Expires in 63 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.barnebokkritikk.no/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
base-uri 'self'; connect-src 'self'; default-src 'self'; font-src 'self' data:; form-action 'self'; frame-ancestors 'none'; frame-src 'self' https://*.spotify.com https://*.soundcloud.com; img-src 'self' blob: data: https://secure.gravatar.com https://www.barnebokkritikk.no; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.mailchimp.com https://*.amazonaws.com; worker-src 'self' data: blob: 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.mailchimp.com; upgrade-insecure-requests, upgrade-insecure-requests

Links to (6)

Linked from (1)