indexo.dev

gildeskaal-sparebank.no

.no crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 1175 ms crawled 2026-05-30

US · 159.60.133.137 · AS35280 F5 Networks SARL

Reputation 100/100

Classifying

HTML metadata

Title
Gildeskål Sparebank
Description
Gildeskål Sparebank
Language
nb-NO
Canonical
https://www.gildeskaal-sparebank.no/

Open Graph

url
https://www.gildeskaal-sparebank.no/
locale
nb-NO

Technology

Server
volt-adc
Stack
ASP.NET
Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • app.eika.no×1
  • www.googletagmanager.com×1

Contact

Phone

DNS records live

NS
  • dns1.cscdns.net
  • dns2.cscdns.net
TXT
  • ff7095e00c71b6b0ce53b327a9f7d98569d64d8cef20e80d1518938c724861ae
Verified for
  • GlobalSign
  • Microsoft 365

Email authentication no MX

SPF
v=spf1 -all
strict (-all)
DMARC
v=DMARC1; p=reject; fo=1; rua=mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

Buypass Class 3 CA 2
from 2025-10-13 to 2026-06-29
Expires in 29 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.gildeskaal-sparebank.no/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SameOrigin
x-content-type-options
nosniff
content-security-policy
default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.google.com https://*.gstatic.com *.googleapis.com https://app.eika.no/infrastruktur-styleguide-web/ https://www.youtube.com/iframe_api https://www.youtube.com/s/player/ https://eika.piwik.pro/ppms.js https://svc.kundedialog.eika.no/t/w https://mktdplp102cdn.azureedge.net/public/latest/js/form-loader.js https://cdn.spinnaker-js.com/rc/ https://acdn.adnxs.com/dmp/up/pixie.js siteimproveanalytics.com https://www.googletagmanager.com https://in.taskanalytics.com https://connect.facebook.net https://googleads.g.doubleclick.net www.googleadservices.com https://secure.adnxs.com http://ib.adnxs.com https://*.mookie1.com *.google-analytics.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://app.eika.no/infrastruktur-styleguide-web/ https://tagmanager.google.com;img-src 'self' * data: region1.google-analytics.com region1.analytics.google.com;frame-src 'self' *.youtube.com *.youtube-nocookie.com *.v
strict-transport-security
max-age=31536000

Links to (3)

Linked from (1)