indexo.dev

tykkimaki.fi

.fi crawl

First seen 2026-05-24 · Last seen 2026-05-29 · ok HTTP/1.1 200 3295 ms crawled 2026-05-29

FI · 94.237.105.133 · AS202053 UpCloud Ltd

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Tykkimäki | Tykkimäen huvipuisto | Aquapark | Actionpark
Description
Tykkimäki on täynnä huvia! Huvipuisto, vesipuisto Aquapark, aktiviteettipuisto Actionpark ja Tykkimäki Resort viihdyttävät koko perhettä.
Language
fi
Canonical
https://www.tykkimaki.fi/
Translations
  • en
  • fi

Open Graph

url
https://www.tykkimaki.fi/
title
Tykkimäki | Tykkimäen huvipuisto | Aquapark | Actionpark
locale
fi_FI
site name
Tykkimäki
description
Tykkimäki on täynnä huvia! Huvipuisto, vesipuisto Aquapark, aktiviteettipuisto Actionpark ja Tykkimäki Resort viihdyttävät koko perhettä.
locale:alternate
en_GB

Technology

Server
nginx
CMS
WordPress
jQuery
3.6.0
Analytics
  • Google Tag Manager
Cookie consent
  • Usercentrics
Fonts
  • Google Fonts

Third-party hosts loaded (5)

  • ajax.googleapis.com×2
  • fonts.googleapis.com×2
  • www.googletagmanager.com×2
  • app.usercentrics.eu×1
  • embed.trustmary.com×1

Social

Registration

Created
2003-01-23
Name servers
  • ns2.euronic.fi [185.55.84.19] [ok]
  • ns1.euronic.fi [185.55.84.18] [ok]
  • ns3.euronic.fi [92.243.21.222] [ok]

DNS records live

NS
  • ns1.euronic.fi
  • ns2.euronic.fi
  • ns3.euronic.fi
MX
  • 1 tykkimaki-fi.mail.protection.outlook.com

Email authentication weak

SPF
v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-05-25 to 2026-08-23
Expires in 83 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.tykkimaki.fi/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(), autoplay=*, camera=(), document-domain=(), encrypted-media=(), fullscreen=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), sync-xhr=(), usb=(), screen-wake-lock=(), xr-spatial-tracking=()
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.usercentrics.eu https://*.jst.ai https://*.facebook.com https://*.google.com; img-src data: https://*; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' https://*.usercentrics.eu https://*.facebook.com https://*.cookielaw.org https://aly.jst.ai https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.googleapis.com https://*.google.com https://embed.trustmary.io https://widget.freshworks.com https://evermade-care.freshdesk.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://widget.freshworks.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.usercentrics.eu https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.googleapis.com https://*.google.com https://*.gstatic.com https://*.cookielaw.org https://*.jst.ai https://connect.facebook.net https://embed.trustmary.com https://d3qhsf9lmfcusu.cloudfront.net https://widget.
strict-transport-security
max-age=31536000; includeSubDomains

Links to (6)

Linked from (1)