mittinnspill.no

.no crawl

First seen 2026-05-30 · Last seen 2026-06-04 · ok HTTP/1.1 200 520 ms crawled 2026-05-31

US · 150.171.109.200 · AS8075 Microsoft Corporation

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title: MittInnspill
Language: no

Technology

CDN: Azure Front Door

Third-party hosts loaded (1)

policy.app.cookieinformation.com×1

DNS records live

NS

ns1.hyp.net
ns2.hyp.net
ns3.hyp.net

MX

10 0.mx.isp.as2116.net

Email authentication weak

SPF: not published
DMARC: v=DMARC1; p=none
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

GeoTrust TLS RSA CA G1

from 2026-02-26 to 2026-08-27

Expires in 83 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://mittinnspill.no/

present

content-security-policy
content-security-policy-report-only

findings

missing HSTS
CSP allows unsafe inline scripts/styles
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: report-to csp-report; default-src 'self'; img-src 'self' data: blob: www.norkart.no kommuneinfoprod.blob.core.windows.net i.ytimg.com i.vimeocdn.com mittinnspill.api.nkdev.no mittinnspill.api.nktest.no api.mittinnspill.no mittinnspillapidev.azurewebsites.net mittinnspillapiprod.azurewebsites.net; style-src 'self' 'unsafe-inline' https://api.mapbox.com; script-src-elem 'self' https://policy.app.cookieinformation.com/ 'unsafe-inline'; script-src-attr 'self' 'unsafe-inline'; connect-src 'self' https://login.microsoftonline.com https://www.webatlas.no b2c.nkdev.no b2c.norkart.no https://js.monitor.azure.com https://dc.services.visualstudio.com https://westeurope-0.in.applicationinsights.azure.com https://westeurope-1.in.applicationinsights.azure.com https://westeurope-3.in.applicationinsights.azure.com https://westeurope-5.in.applicationinsights.azure.com https://kvp.maps.norkart.no/ https://api.mapbox.com https://a.tiles.mapbox.com https://b.tiles.mapbox.com http://waapi.webatlas.no conse
content-security-policy-report-only: report-to csp-report; default-src 'self'; img-src 'self' data: blob: www.norkart.no kommuneinfoprod.blob.core.windows.net i.ytimg.com i.vimeocdn.com mittinnspill.api.nkdev.no mittinnspill.api.nktest.no api.mittinnspill.no mittinnspillapidev.azurewebsites.net mittinnspillapiprod.azurewebsites.net; style-src 'self' 'unsafe-inline' https://api.mapbox.com; script-src-elem 'self' https://policy.app.cookieinformation.com/ 'unsafe-inline'; script-src-attr 'self' 'unsafe-inline'; connect-src 'self' https://login.microsoftonline.com https://www.webatlas.no b2c.nkdev.no b2c.norkart.no https://js.monitor.azure.com https://dc.services.visualstudio.com https://westeurope-0.in.applicationinsights.azure.com https://westeurope-1.in.applicationinsights.azure.com https://westeurope-3.in.applicationinsights.azure.com https://westeurope-5.in.applicationinsights.azure.com https://kvp.maps.norkart.no/ https://api.mapbox.com https://a.tiles.mapbox.com https://b.tiles.mapbox.com http://waapi.webatlas.no conse

Linked from (1)

nes.kommune.no×1