inatur.no

HTML metadata

Technology

CDN

Cloudflare

Analytics

• Cloudflare Insights
• Google Tag Manager

Fonts

• Google Fonts

Third-party hosts loaded (4)

• fonts.googleapis.com×2
• fonts.gstatic.com×1
• static.cloudflareinsights.com×1
• www.googletagmanager.com×1

DNS records live

NS

• carlos.ns.cloudflare.com
• sofia.ns.cloudflare.com

MX

• 0 inatur-no.mail.protection.outlook.com

TXT

• hibp-verify=dweb_5i8dvgfn9hm1g5j2drt7tmwd

Verified for

• Google
• Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:_spf.sndr.no include:sendgrid.net include:spf.cosng.net include:9193533.spf03.hubspotemail.net a:relay.telecomputing.no include:spf.ilnet.se -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc.rua@inatur.no

policy: none (monitoring only)

DKIM

• s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvadZDQZPzifBV9GZqiq96qagb3kQecsHTsqrqOUA66d9pIGb5XggWAu0nuDMd0FDNHU4aAfh9i1qOjkveW…
• s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB9m6riTadcNvwoJXpAzDMjOdPO2jJmI4lxmeNXhKKd3xFM7Cl2joc4nrMmSt0ZvLC2WxQXeKyVPK0Z6ro…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://www.inatur.no/

present

• strict-transport-security
• x-content-type-options

findings

• short HSTS max-age
• missing Content Security Policy
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (1)

• enable-javascript.com×1

Linked from (2)

• statskog.no×1
• njff.no×1