indexo.dev

hepo.fi

.fi crawl

First seen 2026-05-27 · Last seen 2026-05-27 · ok HTTP/1.1 200 2172 ms crawled 2026-05-30

FI · 77.240.19.45 · AS35382 Glesys AB

Reputation 95/100 weak security headers

Classifying

HTML metadata

Title
Helsingin seudun pyöräilijät | Helsingforsregionens cyklister | Helsinki Region Cyclists
Language
fi

Technology

Server
Apache
CMS
WordPress
jQuery
3.3.1 known XSS (<3.5)
Fonts
  • Google Fonts

Third-party hosts loaded (2)

  • cdn.lightwidget.com×2
  • fonts.googleapis.com×2

Social

Contact

Phone

DNS records live

NS
  • dns1.louhi.net
  • dns2.louhi.net
  • dns3.louhi.fi
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com

Email authentication strong

SPF
v=spf1 include:_spf.google.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine; rua=mailto:dmarc@hepo.fi; pct=100; adkim=s; aspf=s;
policy: quarantine
DKIM
  • default: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5P4yB7XfpbXIHpbzHnmIlLcGoV/GiP7thXZ8ZCARUZpgUp0EStGK5sgeL5+aq4B4BZv958Gxndzdu8…
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pQCcIupo+EqpBxPQnsJyv0wEccngwF6sByOHo47IfHpFOz85UhqlPmNabnRXpIZ53LY2oKSdcEfKD…
selectors probed

Certificate (current)

R13
from 2026-05-15 to 2026-08-13
Expires in 73 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 30/100 Checked live page: https://hepo.fi/

findings
  • missing HSTS
  • missing Content Security Policy
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy

Links to (5)

Linked from (1)