ahavus.fi

.fi crawl

First seen 2026-05-29 · Last seen 2026-05-31 · ok HTTP/1.1 200 1955 ms crawled 2026-05-31

US · 54.189.34.167 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Ahavus loma-asunnot Himoksella
Description: Vuokrattavat loma-asunnot Himoksen parhailta paikoilta.
Language: en
Canonical: https://www.ahavus.fi/

Open Graph

url: https://www.ahavus.fi/
title: Ahavus loma-asunnot Himoksella
locale: en
description: Vuokrattavat loma-asunnot Himoksen parhailta paikoilta.

Technology

Server: nginx
CMS: Next.js

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (7)

bookingenginecdn.hostaway.com×37
static-production-nextjs.hostaway.eu×23
fonts.googleapis.com×3
hostaway-platform.s3.us-west-2.amazonaws.com×2
www.googletagmanager.com×2
bookingenginecdn-2.hostaway.com×1
fonts.gstatic.com×1

Social

Contact

Email

DNS records live

NS

ns1.domainhotelli.fi
ns2.domainhotelli.fi

MX

Show 6 MX records

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
15 z75bbddwhevcikuqrepea5dbcumpscrg2zwk4el77ocxpypzxroq.mx-verification.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

Email authentication weak

SPF

v=spf1 +a +mx +ip4:31.217.196.198 +ip4:31.217.196.199 ~all

softfail (~all)

DMARC

not published

DKIM

default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrafCO/TT8cYhd05TU2uBBj3qLWE2KxWl7bMcNDAQh04XTilsI1YmBdV+siYyrqQSHQQAz5rCDnf6H…

selectors probed

Certificate (current)

R13

from 2026-05-18 to 2026-08-16

Expires in 76 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://www.ahavus.fi/

present

strict-transport-security
content-security-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: script-src 'self' https://* 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://* blob: 'unsafe-inline'; img-src 'self' https://* data: blob:; media-src 'self' https://*; connect-src 'self' https://* wss://*; form-action 'self' https://*; frame-src 'self' https://*; frame-ancestors 'self' https://*; worker-src 'self' https://* 'unsafe-inline' 'unsafe-eval' blob:
strict-transport-security: max-age=600

Links to (2)

instagram.com×1
facebook.com×1

Linked from (1)

himos.fi×1