vappi.fi
HTML metadata
Technology
- CDN
- Amazon CloudFront
- Server
- CloudFront
- CMS
- Next.js
- Cookie consent
-
- OneTrust
Third-party hosts loaded (2)
- cdn.cookielaw.org×2
- cdnjs.cloudflare.com×1
Contact
- Phone
Registration
- Created
- 2018-11-05
- Name servers
-
- ns-935.awsdns-52.net [ok]
- ns-1865.awsdns-41.co.uk [ok]
- ns-328.awsdns-41.com [ok]
- ns-1155.awsdns-16.org [ok]
DNS records live
- NS
-
- ns-1155.awsdns-16.org
- ns-1865.awsdns-41.co.uk
- ns-328.awsdns-41.com
- ns-935.awsdns-52.net
- MX
-
- 10 inbound-smtp.eu-west-1.amazonaws.com
- Verified for
-
Email authentication strong
- SPF
-
v=spf1 include:_spf.mlsend.com include:amazonses.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=reject; aspf=r; adkim=r; sp=reject; pct=100; ruf=mailto:mailauth-reports@vappi.fi; rua=mailto:mailauth-reports@vappi.fi;policy: reject (enforced) · sp=reject - DKIM
- no key found at common selectors
Certificate (current)
Amazon RSA 2048 M04
Expires in 119 days
HTTP security headers
- present
-
- content-security-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
default-src 'self' vappi.fi *.vappi.fi yritysekstra.vare.fi *.yritysekstra.vare.fi cdn.cookielaw.org https://*.google-analytics.com https://privacyportal-eu.onetrust.com/ https://www.googletagmanager.com https://browser-intake-datadoghq.eu/ https://*.browser-intake-datadoghq.com; img-src 'self' vappi.fi *.vappi.fi play.google.com https://cdn.cookielaw.org data:; object-src 'none'; base-uri 'none'; script-src 'unsafe-inline' 'unsafe-eval' http: https:; style-src 'unsafe-inline' http: https:; style-src-attr 'unsafe-inline' vappi.fi *.vappi.fi; worker-src blob:; child-src blob:; font-src 'self' fonts.gstatic.com:
Links to (3)
- vare.fi×1
- google.com×1
- apple.com×1