tevella.fi

.fi crawl

First seen 2026-06-04 · Last seen 2026-06-04 · ok HTTP/1.1 200 853 ms crawled 2026-06-04

US · 104.17.69.120 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

sector education type homepage

HTML metadata

Title: Opi kanssamme! | Tevella
Description: Tevella suunnittelee ja varustaa kouluja ja päiväkoteja, oppimisympäristöjä ja tarjoaa tarvikkeita varhaiskasvatukseen ja opetukseen. Maahantuomme leluja, pelejä ja lastentuotteita.
Language: fi

Technology

CDN: Cloudflare
CMS: Gatsby
Stack: PHP

Analytics

Google Tag Manager

Fonts

Adobe Fonts

Third-party hosts loaded (6)

www.googletagmanager.com×3
js.hs-scripts.com×1
policy.app.cookieinformation.com×1
security-hub.vaimo.network×1
use.typekit.net×1
www.facebook.com×1

Contact

Email

asiakaspalvelu@tevella.fi

Phone

+358 (0)3 380 5300

Registration

Created

1999-11-16

Name servers

ns3-09.azure-dns.org [ok]
ns1-09.azure-dns.com [ok]
ns4-09.azure-dns.info [ok]
ns2-09.azure-dns.net [ok]

DNS records live

NS

ns1-09.azure-dns.com
ns2-09.azure-dns.net
ns3-09.azure-dns.org
ns4-09.azure-dns.info

MX

1 tevella-fi.mail.protection.outlook.com

Verified for

Google

Email authentication partial

SPF

v=spf1 include:_spf.vaimo.net include:spf.protection.outlook.com include:5908208.spf04.hubspotemail.net ip4:54.194.150.12 -all

strict (-all)

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkgUzzhoueZUSTPDTK7vtxMoj+OPNpYqxZrmQtASZ1FpF389gf2fgokVPM9DFTMw+ySSh4WKFCJVwxsl2kk8…
smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…

selectors probed

Certificate (current)

from 2026-04-14 to 2026-07-13

Expires in 38 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://www.tevella.fi/

present

content-security-policy
x-frame-options
x-content-type-options

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: font-src www.paypalobjects.com fonts.gstatic.com use.typekit.net *.typekit.net *.gstatic.com 'self' data: *.typekit.net/ data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com pilot-payflowlink.paypal.com www.paypal.com www.sandbox.paypal.com *.paypal.com *.cardinalcommerce.com 3ds-secure.cardcomplete.com www.clicksafe.lloydstsb.com pay.activa-card.com *.wirecard.com acs.sia.eu *.touchtechpayments.com www.securesuite.co.uk rsa3dsauth.com *.monzo.com *.arcot.com *.wlp-acs.com * https://forms.hsforms.com/ 'self' 'unsafe-inline'; frame-ancestors viewer.ipaper.io kuvastot.tevella.fi tevella.fi 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net https://www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centine

Links to (2)

iltalehti.fi×1
elasticsuite.io×1

Linked from (1)

hlu.fi×1