indexo.dev

omaolo.fi

.fi crawl

First seen 2026-05-29 · Last seen 2026-05-29 · ok HTTP/1.1 200 304 ms crawled 2026-05-31

FI · 131.207.104.195 · AS375 Tieto Oyj

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Omaolo
Description
Omaolo on kansallinen digipalvelu, joka auttaa sinua arvioimaan hoidon tai palvelun tarvettasi. Omaolo ohjaa sinut oikean avun luo.
Language
fi

Open Graph

url
https://www.omaolo.fi
title
Omaolo
description
Omaolo on kansallinen digipalvelu, joka auttaa sinua arvioimaan hoidon tai palvelun tarvettasi. Omaolo ohjaa sinut oikean avun luo.

Technology

CMS
Gatsby

Registration

Created
2017-11-13
Name servers
  • ns-cloud-d3.googledomains.com [ok]
  • ns-cloud-d1.googledomains.com [ok]
  • ns-cloud-d4.googledomains.com [ok]
  • ns-cloud-d2.googledomains.com [ok]

DNS records live

NS
  • ns-cloud-d1.googledomains.com
  • ns-cloud-d2.googledomains.com
  • ns-cloud-d3.googledomains.com
  • ns-cloud-d4.googledomains.com
MX
  • 0 omaolo-fi.mail.protection.outlook.com
Verified for
  • Google
  • Microsoft 365

Email authentication weak

SPF
v=spf1 include:spf.protection.outlook.com include:mailgun.org ip4:185.166.28.253 -all
strict (-all)
DMARC
not published
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsteMOjdniXaLKwfydw0GXFrwGthtoJWEAl022oWdakOWFWe4ksa0/AeyR/MR4dn8SgraAieWsIumJT…
  • s1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8aLRlRf0bxFNqYUVWYnEqxSnV8qK0jycitLSWNufM0WDmRvhmAj9jsfWKJ1jZCbfdtTOR3URKIbO0NnWfFj1l/s1bRyd…
selectors probed

Certificate (current)

GeoTrust TLS RSA CA G1
from 2025-07-11 to 2026-08-05
Expires in 65 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.omaolo.fi/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
origin
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self' ; connect-src 'self' https://matomo.digifinland.fi wss://www.omaolo.fi;script-src 'self' https://matomo.digifinland.fi https://www.omaolo.fi;style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://terveysportti.fi https://www.terveysportti.fi https://neuvokasperhe.fi https://matomo.digifinland.fi https://www.omaolo.fi; font-src 'self' ; object-src 'self' blob: ; frame-src 'self' data: blob: https://storage.googleapis.com https://survey.tcdcon.com/ https://www.omaolo.fi;frame-ancestors 'self' https://tunnistautuminen.suomi.fi https://*.tunnistus.fi;form-action 'self' https://sso.omaolo.fi; upgrade-insecure-requests; report-uri /api/csp-report;
strict-transport-security
max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains

Linked from (1)