omaspstadion.fi
omaspstadion.fi
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress
- jQuery
- 3.7.1
- Analytics
-
- Google Tag Manager
- Cookie consent
-
- Cookiebot
- Fonts
-
- Adobe Fonts
Third-party hosts loaded (5)
- maxcdn.bootstrapcdn.com×2
- consent.cookiebot.com×1
- js.hsforms.net×1
- use.typekit.net×1
- www.googletagmanager.com×1
Social
Contact
- Phone
DNS records live
- NS
-
- ns-104-b.gandi.net
- ns-22-c.gandi.net
- ns-92-a.gandi.net
- MX
-
- 0 omaspstadion-fi.mail.protection.outlook.com
- TXT
-
o081ho6jg6vv2u2ggd0k4rgk9p
- Verified for
-
- Microsoft 365
Email authentication weak
- SPF
-
v=spf1 a mx include:sendgrid.net ~allsoftfail (~all) · multiple SPF records - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
-
- s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5nsN+5OhDVIiLPd0N7eNjADcZFvccnols/V+T3rK56cOV4EaskCXTIZTNwRFix5EZlzKxhPAjQartvBFU… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfiTxKU48I+GmMMoOej0h5cQZnqyJepyoFu4WRB8ICX4J2P7UupMTnoTBAN0EzuRV1I/VMrGpc7rBjNjThedrDxj…
selectors probed - s1:
Certificate (current)
E8
Expires in 57 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
Header values
- x-frame-options
SAMEORIGIN- permissions-policy
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), geolocation=(), microphone=(), camera=()- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.list-manage.com https://*.mailchimp.com https://mailchimp.com https://flow.looks-awesome.com https://www.youtube.com https://apis.google.com https://platform.twitter.com https://www.gstatic.com https://mcl.spur.us https://static.hsappstatic.net https://js.hubspot.com https://consentcdn.cookiebot.com https://consent.cookiebot.com https://js.hsforms.net https://sc.lfeeder.com https://www.googletagmanager.com https://connect.facebook.net https://maps.googleapis.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://*.list-manage.com https://*.mailchimp.com https://mailchimp.com https://p.typekit.net https://use.typekit.net https://fonts.googleapis.com; font-src 'self' data: https://use.typekit.net https://use.typekit.com https://*.list-manage.com https://*.mailchimp.com https://mailchimp.com https://fonts.gstatic.com; connect-src 'self' https://*.list-manage.com https://*.mailchimp.- strict-transport-security
max-age=31536000; includeSubDomains; preload
Links to (5)
- valakia.fi×1
- sjk.fi×1
- oivahymy.fi×1
- instagram.com×1
- facebook.com×1
Linked from (3)
- wallsport.fi×1
- sjk.fi×1
- solarsound.fi×1