indexo.dev

nivr.no

.no crawl

First seen 2026-05-27 · Last seen 2026-05-27 · ok HTTP/1.1 200 1306 ms crawled 2026-05-30

DE · 146.0.231.246 · AS29066 velia.net Internetdienste GmbH

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Næringsforeningen i Værnesregionen
Language
no

Open Graph

url
https://nivr.no/-1
title
Næringsforeningen i Værnesregionen

Technology

Server
Apache
jQuery
3.6.0
Stack
PHP
Analytics
  • Google Tag Manager
Cookie consent
  • Cookiebot
Fonts
  • Adobe Fonts

Third-party hosts loaded (4)

  • event.getynet.com×3
  • consent.cookiebot.com×1
  • use.typekit.net×1
  • www.googletagmanager.com×1

Social

Contact

Email

DNS records live

NS
  • ns1.hyp.net
  • ns2.hyp.net
  • ns3.hyp.net
MX
  • 0 nivr-no.mail.protection.outlook.com

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com include:_spf.getynetmail.com -all
strict (-all)
DMARC
v=DMARC1; p=none
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

E7
from 2026-05-22 to 2026-08-20
Expires in 80 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://nivr.no/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
same-origin
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
manifest-src 'self'; frame-ancestors 'none'; frame-src 'self' *.cookiebot.com https://event.getynet.com https://event2.getynet.com https://boardportal.getynet.com https://sidebar.bugherd.com; default-src 'self' https://player.vimeo.com; media-src 'self' https://*.vimeo.com https://*.vimeocdn.com https://*.youtube.com https://*.youtube-nocookie.com; script-src 'self' 'nonce-993d72a7fd2658fd5688c175bdfee8a0354fed8cd64636b54dce4bd1af677b19' 'unsafe-eval' *.cookiebot.com https://www.youtube.com; connect-src 'self' *.cookiebot.com https://*.pusher.com; img-src 'self' data: *.cookiebot.com https://event.getynet.com https://event2.getynet.com https://boardportal.getynet.com https://s16.getynet.com https://*.cloudfront.net/; style-src 'self' 'unsafe-inline' stackpath.bootstrapcdn.com fonts.googleapis.com use.typekit.net p.typekit.net; base-uri 'self'; form-action 'self'; font-src 'self' https://stackpath.bootstrapcdn.com https://fonts.googleapis.com https://fonts.gstatic.com https://use.typeki
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (13)

Linked from (1)