eveonline.com

HTML metadata

Title

EVE Online | The #1 Free Space MMORPG | Play here now!

Description

Be whatever you want in EVE Online, the biggest space game of all time. Download the free space MMO game and play online for free here.

Language

en

Canonical

https://www.eveonline.com

Translations

de
en
es
fr
ja
ko
ru
zh

Feeds

EVE News RSS Feed RSS

Open Graph

url: https://www.eveonline.com/
title: EVE Online | The #1 Free Space MMORPG | Play here now!
site name: EVE Online
description: Be whatever you want in EVE Online, the biggest space game of all time. Download the free space MMO game and play online for free here.

Technology

CDN: Amazon CloudFront
Server: CloudFront
CMS: Gatsby

Analytics

Google Analytics
Google Tag Manager

Cookie consent

Cookiebot

Third-party hosts loaded (7)

web.ccpgamescdn.com×6
images.ctfassets.net×2
consent.cookiebot.com×1
consentcdn.cookiebot.com×1
embed.twitch.tv×1
www.google-analytics.com×1
www.googletagmanager.com×1

Registration

Registrar

Amazon Registrar, Inc.

Created

1998-08-06

Expires

2026-08-05 78 days left

Updated

2026-05-13

Name servers

ns-1118.awsdns-11.org
ns-1780.awsdns-30.co.uk
ns-282.awsdns-35.com
ns-935.awsdns-52.net

DNS records live

NS

ns-1118.awsdns-11.org
ns-1780.awsdns-30.co.uk
ns-282.awsdns-35.com
ns-935.awsdns-52.net

MX

10 mailstream-eu1.mxrecord.io
20 mailstream-east.mxrecord.io
20 mailstream-west.mxrecord.io
30 mailstream-central.mxrecord.mx

TXT

onsu00ose7t6ji9bi6hgds2c7i
_57y0h4v52cdfq7424x2memavw1rcnpd
facebook-domain-verification=956m0dqd94tzohx8oupf7ryjn1z28r

Email authentication strong

SPF

v=spf1 mx ip4:87.237.32.0/24 ip4:87.237.37.32/28 ip4:87.237.37.40 ip4:87.237.38.0/24 ip4:87.237.39.0/24 ip4:213.181.99.96/29 ip4:210.13.115.112/28 include:mail.zendesk.com include:spf.protection.outlook.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; rua=mailto:dmarc@eveonline.com,mailto:lp7h3k5a@ag.eu.dmarcian.com; fo=0; sp=quarantine; adkim=r; aspf=r; pct=100; rf=afrf; ruf=mailto:dmarc@eveonline.com,mailto:lp7h3k5a@fr.eu.dmarcian.com

policy: quarantine · sp=quarantine

DKIM

selector2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHm/fwn3mkasd9go9uAg8V5Ku7mfxRpHCShxadE805BvSxo0pESVGzae2MdhMAPtac8bBuh2BESvSB…

selectors probed

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1

from 2025-08-21 to 2026-09-22

Expires in 126 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.eveonline.com/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
permissions-policy: geolocation=(), camera=(), usb=(), magnetometer=(), accelerometer=(), gyroscope=(), microphone=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.contentful.com *.ctfassets.net web.ccpgamescdn.com *.clarity.ms c.bing.com; base-uri 'self'; object-src 'self' ctfassets.net https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.amazon-adsystem.com *.doubleclick.net *.clarity.ms *.facebook.com *.facebook.net *.fbcdn.net *.google.com *.googleadservices.com *.googlesyndication.com *.ninetailed.co *.reddit.com *.redditstatic.com *.t.co *.tiktok.com *.twitch.tv *.twitter.com *.x.com *.zdassets.com *.zendesk.com analytics.tiktok.com ccpcommunity.zendesk.com connect.facebook.net consent.cookiebot.com consentcdn.cookiebot.com google.com google.co.jp google.co.kr google.co.uk google.co.za google.de graphql.contentful.com hello.myfonts.net https://d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/cBaCB1PHCwXVd4yY/delighted.js https://bat.bing.com https://player.idomoo.com https://sp.analytics.yahoo.com https://ssl.google-analytics.com https://tagmanager.google.
strict-transport-security: max-age=31536000; includeSubdomains; preload