indexo.dev

biomat-shop.fi

.fi crawl

First seen 2026-05-14 · Last seen 2026-05-19 · ok HTTP/1.1 200 9205 ms crawled 2026-05-19

AT · 193.58.164.132 · AS202516 web-crossing GmbH

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
Ekologisia jätesäkkejä ja biojätepusseja | BIOMAT®-verkkokauppa
Description
Verkkokaupastamme löydät kestäviä biojätepusseja ja jätesäkkejä kompostiin sekä muita ympäristöystävällisiä ratkaisuja jätehuoltoon. Siirry kauppaan tästä!
Language
fi
Translations
  • en ×3
  • nl ×2
  • fi
  • fr
  • it

Technology

Server
Apache
CMS
Gatsby
Analytics
  • Google Tag Manager
Cookie consent
  • Usercentrics
Third-party hosts loaded (8)
  • www.biomat-shop.com×7
  • privacy-proxy.usercentrics.eu×3
  • www.biomat-shop.be×3
  • www.googletagmanager.com×3
  • www.biomat-shop.it×2
  • www.biomat-shop.nl×2
  • app.usercentrics.eu×1
  • integrations.etrusted.com×1

Social

Contact

Email
Phone

Registration

Created
2020-01-29
Name servers
  • dns2.epag.net [ok]
  • dns1.inter.at [ok]
  • dns3.inter.at [ok]

DNS records live

NS
  • dns1.inter.at
  • dns2.epag.net
  • dns3.inter.at
Verified for
  • Brevo
  • Google

Email authentication no MX

SPF
not published
DMARC
v=DMARC1; p=none; rua=mailto:rua@dmarc.brevo.com
policy: none (monitoring only)
DKIM
  • mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
selectors probed

Certificate (current)

RapidSSL TLS RSA CA G1
from 2026-01-11 to 2027-01-11
Expires in 235 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.biomat-shop.fi/

present
  • content-security-policy-report-only
  • x-frame-options
  • x-content-type-options
findings
  • missing HSTS
  • missing Content Security Policy
  • weak frame protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-content-type-options
nosniff
content-security-policy-report-only
font-src https://*.gstatic.com *.gstatic.com *.fontawesome.com https://widgets.trustedshops.com fonts.googleapis.com fonts.gstatic.com *.website-files.com data: 'self' 'unsafe-inline'; form-action pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.adyen.com pay.google.com payments-eu.amazon.com *.amazon.de *.cardinalcommerce.com *.paypal.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src bid.g.doubleclick.net *.youtube.com *.youtube-nocookie.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com https://www.google.com/recaptcha/ *.adyen.com pay.google.com *.paypal.com *.google.com *.google.com.ua *.google.co.uk *.google.nl *.google.be *.google.de td.doubleclick.net www.googletagmanager.com www.google.com/recaptcha/ www.paypal

Links to (8)

Linked from (4)