indexo.dev

vy.no

.no crawl

First seen 2026-05-12 · Last seen 2026-05-18 · ok HTTP/1.1 200 2250 ms crawled 2026-05-18

US · 96.45.83.136 · AS16552 Tiggee LLC

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
Vy | Tog | Buss | Taxi | Bestill din reise på vy.no
Description
Kjøp billett til Vys bussavganger og togavganger med Vy, Go-Ahead, SJ NORD og kollektivtransport. Du finner også informasjon hvordan du kan bestille taxi i Vy-appen!
Language
nb
Canonical
https://www.vy.no
Translations
  • en
  • nb
  • nn

Open Graph

title
Vy | Tog | Buss | Taxi | Bestill din reise på vy.no
site:name
Vy
description
Kjøp billett til Vys bussavganger og togavganger med Vy, Go-Ahead, SJ NORD og kollektivtransport. Du finner også informasjon hvordan du kan bestille taxi i Vy-appen!

Technology

CDN
Amazon CloudFront

Third-party hosts loaded (4)

  • scontent-lhr6-1.cdninstagram.com×2
  • scontent-lhr6-2.cdninstagram.com×2
  • scontent-lhr8-1.cdninstagram.com×2
  • scontent-lhr8-2.cdninstagram.com×2

Social

Contact

Address
Schweigaards gate 23, N-0191, Oslo, Norway

Registration

Registrar
Ascio Technologies Inc.
Created
2019-06-14
Updated
2025-09-09
Name servers
  • ns1.zaccodns.com
  • ns2.zaccodns.se
  • dns1.zaccodigitaltrustlabs.com
  • dns2.zaccodigitaltrustlabs.net
  • dns3.zaccodigitaltrustlabs.se
  • dns4.zaccodigitaltrustlabs.se

DNS records live

NS
  • dns1.zaccodigitaltrustlabs.com
  • dns2.zaccodigitaltrustlabs.net
  • dns3.zaccodigitaltrustlabs.se
  • dns4.zaccodigitaltrustlabs.se
  • ns1.zaccodns.com
  • ns2.zaccodns.se
MX
  • 0 vy-no.mail.protection.outlook.com
TXT
Show 43 TXT records
  • 3w66mz15trdyd17958n3vhf7hx0tbfxv
  • ytzv2dhwl1qbwbsy7rskwnd6qnm9w070
  • 05qkxltdpy4zx5450j6vxgj1ytf9lwkp
  • _1qivwekpskl8eejg8m0s46kycxuzms9
  • _dx36uhgi00s9shw1oql6n7c06pghfys
  • atlassian-domain-verification=n/jF4F5sPZs3YcNvgMbgZQHK8t/wxK7MXQGYPekZUYSZ103VwgUyemrv9pseh2XA
  • rpmvlsmygvjzz4qqdhgrd7g3sytvpl73
  • 07q7846m7cn36j98j6glm0r15wt5wwth
  • qxpddsdpjy29s3hpgnrmzh6wnzv038gt
  • 1gdmmlmbn9hfs6m5nw6drb22y5tdpgtz
  • 16w914cr0xqq2mp8bds4nb0w5mll94m6
  • apple-domain-verification=JERbxkDRoMYFRUql
  • _cv2hmmavde4fzk3a2599sg2b7azj449
  • _by2a6lkd95ucemi2z3cujc318b3zblj
  • 8zhf2gsjn1q103319pyzdpkyl9dc3sgp
  • _m2hkbwn1xnrtdavelrfnbrmlwphv024
  • google-site-verification=VTfB-0zE7eMGGACREQpoL4FTtspgjVp2KJFU0Lo1lBE
  • vg3gy9x45ftqtz5ljg15qq6n546tr8ly
  • _a6tb77kzbd80zyn3tyxeime5e2om613
  • _90dht87szbtpdbz980zs5bchyc7pzll
  • miro-verification=f3956190397dbec6439c71da0b09d97b38f01380
  • _tlvtpx1qr6x60tfvqlltw72il0uc96y
  • lqfh8hlgtw6pd6lbqbf8yjyb50brh7f3
  • yy8yh8vkmmhjwdf9k9tnhcjqv0cpw3wk
  • anthropic-domain-verification-0agxn2=nBI1OvbIf2LqaiMqgUjZEuONq
  • _fnqynjgr0onna6wwiqeozievpzj2j5y
  • hft20p9ht158jk42jvffn6qhx49g4d7r
  • nbmkcdn27k7v1ml0ssxntpmgxb0f8xg5
  • _6ndxou9btr9xnvwbwlebp6kvhoyqoiz
  • _dbbl6hpbo0sp8ygsv3t2lypq1vp8mqc
  • 8h9dvng91clff2g6zw5k00tlj9y3wjy5
  • facebook-domain-verification=okyd6pq8f6rywjv5gnn3w0sw8wuxal
  • _6lk4yudt5vgslsqjwo5cbdurckbh2gz
  • phtthmwm4xh07ykflqsm1mp303yhypj6
  • m0tsd9pt5wgff62h6q5nd6lt79zdwmp0
  • zb28rt21rwjr394hp8kf2zk3zkv5sz8v
  • mtrwbnyqj7p4zkps3jd2nbsjcdywks8z
  • sG/AylXPYdIJ8eh2JxcjfcKHLzPxElkc58h6qhbNiO6fLiG3xvUlNDukO+RA4L0R3AcvKTXx5JH1ZyKrsjgZ+Q==
  • _xdbfxenrwm9kilnl5s5jy105ivbtp84
  • google-site-verification=WCwKcnck2smK51WA0mholMoZnYrsz7iedVP2u4nyZvM
  • JRQ1oCAgwYHl8NlO3QV2mXhHU98mxzPC5ay8XQx8cVeiG/O3v2QACm8gJHSQjLYP+aGUJeY7wLKpkAJPsVeXVw==
  • workplace-domain-verification=l3MRFzBq3JztM2J6567Elg4EgysCMU
  • MS=ms99392112

Email authentication strong

SPF
v=spf1 include:spf.vy.no.eu-jfcbhtn7.e1.dspf.app -all
strict (-all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dmarc_agg@vali.email,mailto:dmarc-report@vy.no,mailto:jfcbhtn7@rua.eu.dmarcmanager.app; ruf=mailto:dmarc-report@vy.no; fo=1
policy: quarantine
DKIM
  • selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCiHBFMFmsg0TAGBZsRCnubftVRGKQThLRg8OpVXkV5f3XCldaa3V/QVEoBl1AhRCiCe+yYIwcAxtCaZGteyj…
  • s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscZjy+sw4UmasDdnNjld8Mm56sc9T6voDEwkvNTDM8L0cKq9BZuFkWETk0Am46aWtWOl7ajFqbWBx0mBjr…
  • s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7W472aBJb3JWa66/S2sF2JFdai4vE3LF5tR3XO6OC+ELobCh7ppuqT6IPHB3+kk1+UYYb4Z2o+3qM+kwhbYy439…
selectors probed

Certificate (current)

RapidSSL TLS RSA CA G1
from 2025-08-27 to 2026-09-23
Expires in 127 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.vy.no

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self' 'nonce-fe938d90dfa171ac8def837685e72f8e' https://wds.ace.teliacompany.com https://api.ace.teliacompany.net *.ace.teliacompany.net https://chat.kindlycdn.com *.kindly.ai *.zdassets.com https://*.zdassets.com *.zendesk.com https://*.zendesk.com vytag.zendesk.com *.zopim.com https://*.zopim.com https://zendesk-eu.my.sentry.io *.smooch.io https://*.smooch.io api.eu-1.smooch.io https://www.google.com https://dd.infra.vy.no https://api-js.datadome.co https://*.vy.no; style-src 'self' 'unsafe-inline' https://wds.ace.teliacompany.com https://chat.kindlycdn.com *.kindly.ai https://www.google.com; img-src 'self' data: https://view-components.cloud.nsb.no https://wds.ace.teliacompany.com https://api.ace.teliacompany.net *.ace.teliacompany.net https://chat.kindlycdn.com https://static.kindlycdn.com *.kindly.ai https://v2assets.zopim.io https://static.zdassets.com *.zdassets.com https://*.zdassets.com *.zendesk.com https://*.zendesk.com vytag.zendesk.com *.smooch.io https://*.smo

Links to (6)

Linked from (1)