isic.fi

.fi crawl

First seen 2026-05-13 · Last seen 2026-05-19 · ok HTTP/1.1 200 1251 ms crawled 2026-05-19

IE · 40.127.145.164 · AS8075 Microsoft Corporation

Reputation 100/100

Classifying

HTML metadata

Title: ISIC opiskelijakortilla saat yli 150.000 opiskelija-alennusta!
Description: Kansainvälinen opiskelijakortti ISIC on lippusi yli 150.000 opiskelija-alennukseen. ISIC-kortilla todistat opiskelijastatuksesi yli 130 maassa. Tilaa ISIC jo tänään!
Language: en

Technology

CMS: Next.js

Analytics

Google Tag Manager

Third-party hosts loaded (3)

kilroygroup.net×18
cdneu.net×1
www.googletagmanager.com×1

Social

Registration

Created

2008-10-03

Name servers

uma.ns.cloudflare.com [ok]
paul.ns.cloudflare.com [ok]

DNS records live

NS

paul.ns.cloudflare.com
uma.ns.cloudflare.com

MX

10 isic-fi.mail.protection.outlook.com

TXT

PzLDr/qsGbMR5zhzHL3yLgC05KW8WbwUxjWyCuqQtSma8NtkuWi5nfWrWnTlYk2viBoRzB0E4hmw04EO8jrnFQ==
facebook-domain-verification=wsxol0eslspg4gbio1uj5dft5k9yqv

Email authentication strong

SPF

v=spf1 ip4:195.95.172.0/24 ip4:212.98.88.82 ip4:213.239.91.222 ip4:94.168.92.218  ip4:151.193.224.244 ip4:151.193.224.245 ip4:151.193.65.92 ip4:151.193.65.93 ip4:3.216.76.230 ip4:64.34.80.172 include:spf.protection.outlook.com include:mailmailmail.net include:_spf.atlassian.net -all

strict (-all)

DMARC

v=DMARC1;  p=reject; rua=mailto:49a6e0c297a243ef8dd2d6318518c008@dmarc-reports.cloudflare.net,mailto:rua-dmarc@kilroy.net

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKx2KmLowwl6Onpcde6RAq5VeEuLwSpkW55DJlDf30M3hD3rwIQ/8RytjDZYgSz4gzRnyROmelqd5XTYonz…
selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZkLYHl/tsd8UZgkBj0FI+ZLUou0IAaXdOpXBXjbr2EiOAOuv/uPbG36opk0yBKWlFwHoKbfE0g0by24G7p1…

selectors probed

Certificate (current)

R13

from 2026-04-09 to 2026-07-08

Expires in 49 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.isic.fi/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' *.kilroygroup.net *.qa.kilroygroup.net api.simplesvg.com api.iconify.design *.isic.org *.google-analytics.com *.clarity.ms *.cookieinformation.com static.hotjar.com; connect-src 'self' *.kilroygroup.net *.qa.kilroygroup.net api.simplesvg.com api.iconify.design *.isic.org *.google-analytics.com *.googlesyndication.com *.google.com *.clarity.ms *.cookieinformation.com static.hotjar.com https://capture-api-eu.ortto.app *.maptiler.com *.isic.fi *.isic.is *.isic.nl *.isic.no *.isic.se *.isicdanmark.dk; img-src * data: https://capture-api-eu.ortto.app; media-src 'self' blob: *.kilroygroup.net; font-src 'self' data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.isic.org *.googletagmanager.com *.google-analytics.com *.clarity.ms *.cookieinformation.com static.hotjar.com https://cdneu.net *.isic.fi *.isic.is *.isic.nl *.isic.no *.isic.se *.isicdanmark.dk; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' *.isic.org; object-src 'none'; base-uri 'se
strict-transport-security: max-age=31536000;

Links to (7)

Linked from (1)

isic.org×1