indexo.dev

bulder.no

.no crawl

First seen 2026-05-29 · Last seen 2026-05-31 · ok HTTP/1.1 200 634 ms crawled 2026-05-31

US · 34.149.183.197 · AS396982 Google LLC

Reputation 100/100

Classifying

HTML metadata

Title
Boliglån uten gebyrer og automatisk lavere rente - Bulder
Description
Bulder er bygget med den beste teknologien. Trolig Norges raskeste bank-app. Vi redefinerer bank, og begynner med boliglån. Søk og flytt ditt boliglån i dag.
Language
no
Generator
Gatsby 5.15.0
Canonical
https://www.bulder.no

Open Graph

url
https://www.bulder.no
title
Boliglån uten gebyrer og automatisk lavere rente - Bulder
description
Bulder er bygget med den beste teknologien. Trolig Norges raskeste bank-app. Vi redefinerer bank, og begynner med boliglån. Søk og flytt ditt boliglån i dag.

Technology

CMS
Gatsby 5.15.0

Third-party hosts loaded (2)

  • cdn.sanity.io×21
  • dev.visualwebsiteoptimizer.com×1

Social

DNS records live

NS
  • ns1-08.azure-dns.com
  • ns2-08.azure-dns.net
  • ns3-08.azure-dns.org
  • ns4-08.azure-dns.info
MX
  • 10 mxa-002cb301.gslb.pphosted.com
  • 10 mxb-002cb301.gslb.pphosted.com
Verified for
  • Anthropic
  • Atlassian
  • Google
  • Microsoft 365

Email authentication strong

SPF
v=spf1 include:spf-002cb301.pphosted.com include:mailgun.org ip4:217.18.206.0/24 -all
strict (-all)
DMARC
v=DMARC1; p=reject; rua=mailto:93f8e24151ce961@rep.dmarcanalyzer.com; ruf=mailto:dmarc-forensic@bulder.no; fo=1;
policy: reject (enforced)
DKIM
  • s1: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui1HgOQeJTXTq6zMwq4CgSNGywvbhI+NY6o8QmtBxArRwGGuGAtzHkbbDfFe0lbRAoexgydmEnDFFxUs5mE7q…
selectors probed

Certificate (current)

R12
from 2026-05-19 to 2026-08-17
Expires in 78 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.bulder.no/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
ALLOW-FROM https://bulderbank-new.sanity.studio
permissions-policy
geolocation=(), microphone=(), camera=(), fullscreen=(self)
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.youtube.com; media-src 'self' data: https://*.sanity.io; script-src 'self' 'unsafe-inline' https://*.clarity.ms https://*.hotjar.com https://*.hotjar.io https://www.googletagmanager.com https://*.skyra.no https://*.launchdarkly.com https://*.intercom.io https://*.intercomcdn.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://*.sanity.io https://*.visualwebsiteoptimizer.com https://*.clarity.ms https://*.google.no https://www.googletagmanager.com https://*.hotjar.com https://*.hotjar.io; connect-src 'self' https://api-eu.mixpanel.com https://*.sanity.io https://*.launchdarkly.com https://*.bulderbank.tech https://*.intercom.io https://*.visualwebsiteoptimizer.com https://*.hotjar.com https://*.hotjar.io https://*.clarity.ms https://*.analytics.google.com https://*.google-analytics.com wss://*.intercom.io wss://ws.hotjar.com https://*.skyra.no https://*.doubleclick.net; font-src 'self' data: https://*.hotjar.com https://*.hotjar.io; object-sr
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (6)

Linked from (1)