indexo.dev

vbo.fi

.fi crawl

First seen 2026-05-19 · Last seen 2026-05-19 · ok HTTP/1.1 200 14380 ms crawled 2026-05-24

US · 3.164.206.95 · AS16509 Amazon.com, Inc.

Reputation 100/100

sector real estate type homepage

HTML metadata

Title
Etusivu – Varuboden-Osla
Language
fi

Open Graph

title
Etusivu

Technology

CDN
Amazon CloudFront
CMS
Next.js

Third-party hosts loaded (1)

  • cdn.s-cloud.fi×27

Social

DNS records

Email authentication no MX

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificates

Loading certificate

HTTP security headers

Header hygiene 75/100 Checked live page: https://vbo.fi/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Permissions Policy
Header values
referrer-policy
no-referrer
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'nonce-NTQ5NWMxMzUtMzVmZS00ZTg2LWE4ODgtOWExNTJlNzI3MTUx' 'strict-dynamic' 'unsafe-eval'; script-src-attr 'none'; style-src 'self' 'unsafe-inline' *.typekit.net https://fonts.googleapis.com https://googletagmanager.com https://ninchat.com https://tagmanager.google.com https://www.juicer.io; img-src 'self' blob: data: https://*.facebook.com https://*.facebook.net https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.com https://*.googletagmanager.com https://*.s-cloud.fi https://*.usercentrics.eu https://ad.doubleclick.net https://ade.googlesyndication.com https://adservice.google.com https://assets.juicer.io https://google.com https://google.fi https://googleads.g.doubleclick.net https://googletagmanager.com https://i.ytimg.com https://ninchat.com https://pagead2.googlesyndication.com https://ssl.gstatic.com https://www.google.com https://www.google.fi https://www.googleadservices.com https://www.googletagmanager.com https://ww
strict-transport-security
max-age=15552000; includeSubDomains
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
same-origin

Links to (17)

Linked from (1)