emmashop.fi

Technology

Server

nginx

CMS

Gatsby

Third-party hosts loaded (1)

• cdn.ravenjs.com×2

Registration

Created

2019-04-25

Name servers

• ns1.domainhotelli.fi [31.217.196.245] [ok]
• ns2.domainhotelli.fi [35.243.183.207] [ok]

DNS records live

NS

• ns1.domainhotelli.fi
• ns2.domainhotelli.fi

MX

• 0 mail04.domainhotelli.fi

Email authentication partial

SPF

v=spf1 +a +mx +ip4:31.217.196.211 +ip4:31.217.196.212 +ip4:31.217.196.213 include:spf.welcomnet.fi ~all

softfail (~all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

• default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8VE4IEtcwKO6yUTjf2iz4BnFBaDZF4TMU4R7VGCjJ6Kk3l8mzMYv6t5ndGZezYjCVvSyZ1qI+y1Kyv…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.emmashop.fi/

present

• strict-transport-security
• content-security-policy
• x-frame-options
• x-content-type-options
• referrer-policy

findings

• CSP allows unsafe inline scripts/styles
• CSP uses wildcard sources
• missing Permissions Policy

Linked from (1)

• emmamuseum.fi×1