sash.fi
sash.fi
HTML metadata
Technology
- Server
- nginx
Third-party hosts loaded (1)
- plausible.mainostoimistokompassi.fi×2
Social
DNS records live
- NS
-
- ns-1222.awsdns-24.org
- ns-1768.awsdns-29.co.uk
- ns-181.awsdns-22.com
- ns-920.awsdns-51.net
- MX
-
- 1 aspmx.l.google.com
- 5 alt1.aspmx.l.google.com
- 5 alt2.aspmx.l.google.com
- TXT
-
1|www.sash.fi
- Verified for
-
Email authentication strong
- SPF
-
v=spf1 a mx include:spf.mandrillapp.com include:_spf.google.com -allstrict (-all) - DMARC
-
v=DMARC1; p=quarantine; pct=5; rua=mailto:admin@sash.fipolicy: quarantine · pct=5 - DKIM
-
- default:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlWvuduFPwjpPEf4ok1XXnXd2/Sf89oM94d/yMH3Twh1T8tvLLG2LJBedWwnItM6P0kR5JgCJcEYuC…
selectors probed - default:
Certificate (current)
R12
Expires in 49 days
HTTP security headers
- present
-
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' https://plausible.mainostoimistokompassi.fi; connect-src 'self' https://plausible.mainostoimistokompassi.fi; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; worker-src 'self'; frame-src https://plausible.mainostoimistokompassi.fi; form-action 'self'; frame-ancestors 'self'; base-uri 'self'; object-src 'none'
Links to (6)
Linked from (1)
- forna.fi×1