thon.no
thon.no
HTML metadata
Technology
- Analytics
-
- Google Tag Manager
Third-party hosts loaded (5)
- dam.thon.com×12
- olavthon.imagevault.media×1
- www.google.com×1
- www.googletagmanager.com×1
- www.gstatic.com×1
Contact
- Phone
- Address
- Stenersgata 2, Oslo, Oslo, Norway
Registration
- Registrar
- Corporation Service Company
- Created
- 2016-12-20
- Updated
- 2025-12-20
- Name servers
-
- ns1-08.azure-dns.com
- ns2-08.azure-dns.net
- ns3-08.azure-dns.org
- ns4-08.azure-dns.info
DNS records live
- NS
-
- ns1-08.azure-dns.com
- ns2-08.azure-dns.net
- ns3-08.azure-dns.org
- ns4-08.azure-dns.info
- MX
-
- 0 thon-no.mail.protection.outlook.com
- TXT
-
5oi0t968qnoe9f9qekgvqisciq_epdb2d8tynmw3ivnzmi9iiow94snis4mqu5dlg7bscuiaf36ttgj0hp93
- Verified for
-
- Anthropic
- Atlassian
- Dropbox
- Figma
- Miro
- Postman
- TeamViewer
Email authentication partial
- SPF
-
v=spf1 include:spf.protection.outlook.com include:_spf.online.superoffice.com ip4:168.245.60.1 ip4:149.72.216.22 ip4:185.250.239.150 ip4:141.193.32.154 ip4:143.55.238.196 ip4:147.154.153.87 ip4:138.1.67.161 ip4:138.1.65.17 ip4:62.92.37.226 ip4:62.92.37.229 ip4:62.92.37.236 ip4:62.92.37.237 ip4:185.181.60.178 ip6:2a03:94e0:ffff:185:181:60:0:178 ip4:138.1.67.183 ip4:140.83.44.211 -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:aptuvbir@ag.eu.dmarcadvisor.com; ruf=mailto:aptuvbir@fr.eu.dmarcadvisor.com; fo=0:1:d:s; pct=100; adkim=s; aspf=spolicy: none (monitoring only) - DKIM
-
Show 4 DKIM selectors
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqIPPfFpfwJ+Gs8PtR+4uSxtK/DnsoIw8ZuZBgWBjhAbkOR0nkG5IXtUcIqQi7I3w5ylDoDPzfuQe6… - selector2:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtTK1pY6WNDOCSBFs9LHPBdAPSvMe/hsmu68Tr0ppqPHKQdEqcE2wkhdR3hd8HhzYWtwN1MpXYFMPU… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsOIqhurWrVCOlXPmdYDJ+6iG2NvhyPpsPpVLSTJ0uTbW8CtjBAxHZqW2KF8JYQ3Nr4oJKiAi0LJ4cy87n… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3NJq9LS1oQGj/UV7mIRmfdQ6N7oKJiueyeuVt1XZRlRJGnl2U25JknCrVdS9SzoDZogWEgHHHov8pB2tUbpvicS…
selectors probed - selector1:
Certificate (current)
Go Daddy Secure Certificate Authority - G2
Expires in 138 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
same-origin- x-frame-options
SAMEORIGIN- permissions-policy
publickey-credentials-get=(), xr-spatial-tracking=(), screen-wake-lock=(), cross-origin-isolated=(), web-share=(), picture-in-picture=(), keyboard-map=(), encrypted-media=(), display-capture=(), usb=(), serial=(), payment=(), midi=(), microphone=(), magnetometer=(), geolocation=(), camera=(), fullscreen=(), autoplay=(), accelerometer=()- x-content-type-options
nosniff- content-security-policy
script-src https://js.monitor.azure.com 'self' 'unsafe-inline' googleads.g.doubleclick.net *.googleadservices.com *.googletagmanager.com *.google-analytics.com *.googlesyndication.com *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.cookieinformation.com *.hotjar.com *.mouseflow.com *.cloudfront.net siteimproveanalytics.com sandbox-thon.bynder.com scripts.teamtailor-cdn.com *.amplitude.com; frame-src *.google.com www.googletagmanager.com *.cookieinformation.com sdk.companywebcast.com ir.oms.no *.cloudfront.net *.youtube.com *.vismasignforms.com kunde.byggekamera.no 'self'; connect-src https://dc.services.visualstudio.com https://js.monitor.azure.com 'self' https://login.microsoftonline.com/ *.thon.no thon.no *.olt.no olt.no *.applicationinsights.azure.com *.google.com *.google-analytics.com *.googlesyndication.com *.googleapis.com *.cookieinformation.com *.hotjar.com *.hotjar.io wss://ws.hotjar.com *.mouseflow.com scripts.teamtailor-cdn.com api.teamtailor.com sandbox-thon.bynd- strict-transport-security
max-age=2592000