indexo.dev

norengros.no

.no crawl

First seen 2026-05-27 · Last seen 2026-05-30 · ok HTTP/1.1 200 788 ms crawled 2026-05-30

IE · 63.33.18.90 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Norengros AS – Næringslivets støtteapparat | Norengros
Description
Norengros er Norges største leverandør av forbruksvarer til privat og offentlig sektor. Vi er en landsdekkende kjede bestående av 13 bedrifter med lokale eiere, med 37 engrosbutikker i hele Norge.
Language
no

Open Graph

url
https://www.norengros.no
title
Norengros AS – Næringslivets støtteapparat | Norengros
site name
Norengros
description
Norengros er Norges største leverandør av forbruksvarer til privat og offentlig sektor. Vi er en landsdekkende kjede bestående av 13 bedrifter med lokale eiere, med 37 engrosbutikker i hele Norge.

Technology

CMS
Next.js
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (5)

  • cdn.sanity.io×22
  • fonts.googleapis.com×1
  • fonts.gstatic.com×1
  • policy.app.cookieinformation.com×1
  • www.googletagmanager.com×1

Social

DNS records live

NS
  • a.ns.isp.as2116.net
  • b.ns.isp.as2116.net
  • c.ns.isp.as2116.net
  • d.ns.isp.as2116.net
MX
  • 0 norengros-no.mail.protection.outlook.com
TXT
  • EP90BfuQCbhoEdAqmkEaAu9tZaq0ckwtSZ+lNlOsIh9taZnyi4QIcXj2ljCu8o6AUZECqFtax0nHVytraGe4vg==
Verified for
  • Apple
  • Google
  • Microsoft 365

Email authentication partial

SPF
v=spf1 include:spf.protection.outlook.com include:amazonses.com a:mail.isp.as2116.net include:_spf.cmail.ondemand.com include:spf.norengros.no include:spf.ballou.se include:spf1.emarketeer.com -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:dmarc_agg@vali.email;
policy: none (monitoring only)
DKIM
Show 4 DKIM selectors
  • selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHYvFye+pDveNQDCiAkXR5f7loOd7LKBEj14MUO3DLAMEb8PR9HQL7b6vbbpPYBE33lxNUq3vnURAGPjtvK1…
  • k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxunLpoqXzmdvH7BGGYraeS7QWeg191tWCEQPqwWEMwyYQhAgQXxulnhdwPXxEoSg6hP0HUmi2Yv7g5/wB…
  • s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzjn8ZE7k7X1NMHgYNggNIOcH6BZ+Pvh0AFTVg7GxCm71YzXzJBPs1mIb6MhBIskBsmwg0ZgPsa76ljKyV…
selectors probed

Certificate (current)

R12
from 2026-04-30 to 2026-07-29
Expires in 59 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.norengros.no/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
camera=(self), geolocation=(self), microphone=(self), encrypted-media=(self), payment=(self), usb=(self)
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.norengros.getadigital.cloud https://*.norengros.no https://*.google-analytics.com https://*.googletagmanager.com https://*.youtube.com https://*.vimeocdn.com https://*.vimeo.com https://*.hotjar.com https://*.visualwebsiteoptimizer.com https://*.tawk.to https://*.jsdelivr.net https://*.mapbox.com https://*.matomo.cloud https://*.app.cookieinformation.com https://*.clarity.ms https://*.mopinion.com; style-src 'self' 'unsafe-inline' https://*.norengros.getadigital.cloud https://*.norengros.no https://*.googleapis.com https://*.mapbox.com https://*.typekit.net https://*.tawk.to; img-src 'self' data: https://*.norengros.getadigital.cloud https://*.norengros.no https://*.ytimg.com https://*.vimeocdn.com https://*.google-analytics.com https://*.sanity.io https://*.tawk.to https://www.google.no https://www.googletagmanager.com https://*.clarity.ms https://*.bing.com https://cloud.brandmaster.com; font-src 'self' dat
strict-transport-security
max-age=31536000; includeSubDomains

Links to (3)

Linked from (3)