minunmedia.fi
minunmedia.fi
HTML metadata
Technology
- Fonts
-
- Google Fonts
Third-party hosts loaded (2)
- fonts.googleapis.com×2
- fonts.gstatic.com×1
DNS records live
- NS
-
- ns-1025.awsdns-00.org
- ns-2028.awsdns-61.co.uk
- ns-492.awsdns-61.com
- ns-588.awsdns-09.net
- MX
-
- 1 aspmx.l.google.com
- 10 aspmx2.googlemail.com
- 10 aspmx3.googlemail.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- Verified for
-
Email authentication partial
- SPF
-
v=spf1 include:_spf.google.com include:amazonses.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none; rua=mailto:dmarc-rua-reports@leanlab.copolicy: none (monitoring only) - DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 41 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://survey.leanlab.co https://digitalist.leanlab.co https://invite.leanlab.co https://survey.interquest.com https://webfonts.creativecloud.com; connect-src 'self'; img-src * data: blob: android-webview-video-poster:; media-src * data: blob:; style-src 'self' 'unsafe-inline' https://survey.leanlab.co https://digitalist.leanlab.co https://invite.leanlab.co https://survey.interquest.com https://fonts.googleapis.com https://webfonts.creativecloud.com; font-src * data:; frame-ancestors 'self' https://survey.leanlab.co https://digitalist.leanlab.co; object-src 'none'; frame-src 'self' https://*.figma.com https://youtu.be https://*.youtube.com https://docs.google.com https://challenges.cloudflare.com; report-uri https://digitalist.leanlab.co/cgi/csp-report- strict-transport-security
max-age=63072000; includeSubDomains