freepeople.com
freepeople.com
HTML metadata
Technology
- Server
- nginx
- CMS
- Gatsby
- Cookie consent
-
- OneTrust
Third-party hosts loaded (5)
- images.ctfassets.net×10
- cdn.cookielaw.org×1
- freepeople501z.btttag.com×1
- images.urbndata.com×1
- js.datadome.co×1
Registration
- Registrar
- SafeNames Ltd.
- Created
- 1996-05-01
- Expires
- 2027-05-02 346 days left
- Updated
- 2026-05-03
- Name servers
-
- ns-cloud-c1.googledomains.com
- ns-cloud-c2.googledomains.com
- ns-cloud-c3.googledomains.com
- ns-cloud-c4.googledomains.com
DNS records live
- NS
-
- ns-cloud-c1.googledomains.com
- ns-cloud-c2.googledomains.com
- ns-cloud-c3.googledomains.com
- ns-cloud-c4.googledomains.com
- MX
-
- 1 smtp.google.com
- TXT
-
Show 10 TXT records
3dstzlk534ps4l4jsrn7tkz1y583bv5n5x9230g4gv7nt04y0k7572qcfcmlsbqndatadome-domain-verify=wGGFzaMkgsCLVvt93T0EmSoVI38z92Pbah7AY8/BvxdM83+OZ1bQSspVrnWU/3ioOdATpeMWOYuDRUG1Sz+J9nZiEIPWrFc1eQH3o9hds/1zmO6286JejQ==1w527zzwvy8n7bhs58v4z7938jlw625syfbnm046z8n3zdwc0m5vjh1j7m53bzyn+UsEL4zrQRcalh16CUXCDsh/BYaWxQhhRfQWQnKIP3fIs/Xpul/IBfgE1zLZIyLl1kqhWPLE6FzRi07e1Q8XFw==k66fsymkw9xjv2d5mln3tmfj8ywt3llq_bg4n84zjonk75acap614dmxweea30g4mk-org-sso-0be0fb7a-9ec7-4807-908e-2cc73698f58c
- Verified for
-
- Adobe
- Anthropic
- Atlassian
- Figma
- Meta
- Microsoft 365
- Stripe
- Zoom
Email authentication weak
- SPF
-
v=spf1 ip4:209.11.206.190/32 ip4:198.54.242.56/32 ip4:216.183.124.160/27 ip4:12.178.224.80/28 ip4:64.18.0.0/20 ip4:208.255.148.64/26 ip4:65.242.66.128/26 ip4:204.115.126.0/23 ip4:198.135.28.0/22 ip4:198.135.30.120/32 ip4:23.96.125.248/32 ip4:23.96.126.101/32 include:spf.protection.outlook.com include:_spf.google.com -allstrict (-all) - DMARC
- not published
- DKIM
-
- google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/BL/ho1hfePvYFaLeoA9SRSMzERJemG5hPFjo7L5cMN6j2D7mub3GSmoW3TNaJwN1UIiTiN+2T2N/… - selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3uMkBEOgnrc5HHQARE/mhljbfkLa603CD8HH+4UWNMH4dDQeefSrU1/ndZUXA0qbP5djZuUF5iDx6…
selectors probed - google:
Certificate (current)
WR3
Expires in 40 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- cross-origin-opener-policy
- cross-origin-resource-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin- x-content-type-options
nosniff- content-security-policy
default-src 'self' 'unsafe-eval'; script-src 'self' 'nonce-2fQ7TS8PpMl1UXYxfZNNq1H2qJW+D8Pt' 'strict-dynamic' 'unsafe-eval' https: blob:; connect-src 'self' https: wss://*.noibu.com; img-src 'self' * data: blob:; font-src 'self' data: https:; style-src 'self' 'unsafe-inline' https://*.force.com https:; media-src 'self' https://*.ctfassets.net https://*.scene7.com https://*.urbndata.com https://*.api.bazaarvoice.com https://*.cloudfront.net https://static.quiq-cdn.com; frame-src 'self' https://*.force.com https://*.stripe.com https://*.doubleclick.net https://*.krxd.net https://www.google.com https://*.snapchat.com https://*.pinterest.com https://player.vimeo.com https://www.youtube.com https://app.viralsweep.com https://*.qualtrics.com https://*.attn.tv https://*.bambuser.com https://*.salesforce.com https://*.8x8.com https://www.googletagmanager.com https://*.jebbit.com https://*.adsrvr.org https://*.flashtalking.com https://pay.google.com https://*.liadm.com https://*.adsrvr.org htt- strict-transport-security
max-age=31536000; includeSubDomains- cross-origin-opener-policy
same-origin-allow-popups- cross-origin-resource-policy
same-site