skinthal.no

.no crawl

First seen 2026-06-01 · Last seen 2026-06-01 · ok HTTP/1.1 200 571 ms crawled 2026-06-02

NO · 91.220.196.231 · AS50304 Blix Solutions AS

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title: Skinthal Forside-Skinthal-2
Language: nb

Technology

Server: Apache
CMS: Gatsby
Stack: PHP

Third-party hosts loaded (2)

js-eu1.hs-scripts.com×1
maxcdn.bootstrapcdn.com×1

Social

Contact

Email

post@skinthal.no

Phone

+47 476 47 700

Address

Ole Deviks vei 26, Norway

DNS records live

NS

ns1.hyp.net
ns2.hyp.net
ns3.hyp.net

MX

0 skinthal-no.mail.protection.outlook.com

Verified for

Microsoft 365

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:65ba377dc1898@ag.eu.dmarcly.com; ruf=mailto:65ba377dc1898@fo.eu.dmarcly.com; sp=none;

policy: none (monitoring only) · sp=none

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQjgE38f2beGrm9Ke8MeAwWc/FmWV9+rohqNyc9GR3dr24XDNfGDaNLW+GwriarJ7aXCzJqWG3YZk32cvfCM…
selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzY3IKiIDAAAqK2mTNwfJbidUzdEK2yXZajis/4iPXl/fiWE69OJ3moBKG8KH8936G3S7T1y199qDuM…

selectors probed

Certificate (current)

R13

from 2026-05-04 to 2026-08-02

Expires in 60 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://skinthal.no/

present

content-security-policy-report-only
x-frame-options
x-content-type-options

findings

missing HSTS
missing Content Security Policy
weak frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff
content-security-policy-report-only: worker-src blob:; font-src www.paypalobjects.com *.googleapis.com *.gstatic.com data: https://static.parastorage.com *.fontawesome.com maxcdn.bootstrapcdn.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com www.facebook.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src bid.g.doubleclick.net https://www.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com www.paypalobjects.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ www.google.com blob: www.googletagmanager.com www.facebook.com *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de *.google.it *.google.fr *.googletagmanager.com *.google.com/ 'self' 'unsafe-inline'; img-src data: widgets.magentocommerce.com www.googleadservices.com *.google-analytics.com googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net *.analytics.google.com www.googleta

Links to (2)

instagram.com×1
facebook.com×1

Linked from (1)

thalgo.com×1