liferooms.org
HTML metadata
Technology
- Server
- Apache
- CMS
- Joomla
- Analytics
-
- Google Tag Manager
- Fonts
-
- Adobe Fonts
- Social widgets
-
- YouTube Embed
Third-party hosts loaded (4)
- use.typekit.net×3
- www.youtube.com×2
- translate.google.com×1
- www.googletagmanager.com×1
Social
Contact
- Phone
Registration
- Registrar
- Register SpA
- Created
- 2016-02-22
- Expires
- 2027-02-22 278 days left
- Updated
- 2026-04-08
- Name servers
-
- ns0.phase8.net
- ns1.phase8.net
- ns2.phase8.net
DNS records live
- NS
-
- ns0.phase8.net
- ns1.phase8.net
- ns2.phase8.net
- MX
-
- 30 athena.hosts.co.uk
- 30 hermes.hosts.co.uk
- TXT
-
google-site-verification=AJ4SHlu0dqZgWhVFCTnZCz3cpq2a7Lcjv6MT1kPm90Q
Email authentication weak
- SPF
-
v=spf1 include:spf.hosts.co.uk ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
Sectigo Public Server Authentication CA DV R36
Expires in 144 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
SAMEORIGIN- x-content-type-options
nosniff- content-security-policy
default-src 'self'; frame-src 'self' *.audioboom.com *.webspellchecker.net/ *.nhs.uk/ *.facebook.com/ *.youtube.com/ *.vimeo.com/ *.google.com/ *.googleapis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://liferooms.us21.list-manage.com/subscribe/post-json https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js https://*.googletagmanager.com https://*.googletagmanager.com *.webspellchecker.net/ https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://www.googletagmanager.com/ https://connect.facebook.net/ https://feeds.trac.jobs/ *.google.com *.googleapis.com *.gstatic.com *.cqc.org.uk ; font-src 'self' 'unsafe-inline' data: *.typekit.net/ *.webspellchecker.net/ https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' *.mailchimp.com *.typekit.net/ *.webspellchecker.net/ https://cdnjs.cloudflare.com/ https://feeds.trac.jobs/ *.googleapis.com *.gstatic.com *.cqc.org.uk; img-src * data:; object-src 'self' blob:; conn- strict-transport-security
max-age=31536000
Links to (37)
- ablhealth.co.uk×2
- ageconcernliverpoolandsefton.org.uk×2
- amparo.org.uk×2
- bluecoatdisplaycentre.com×2
- canalrivertrust.org.uk×2
- cancerresearchuk.org×2
- centralcu.co.uk×2
- citizensadviceliverpool.org.uk×2
- clearsolutions-training.co.uk×2
- collective-encounters.org.uk×2
- creativesupport.co.uk×2
- epplus.org.uk×2
- evertoninthecommunity.org×2
- facebook.com×2
- feedingliverpool.org×2
- frankltd.co.uk×2
- gtdt.co.uk×2
- holistic-harmonies.com×2
- hughbaird.ac.uk×2
- instagram.com×2
- liverpool.ac.uk×2
- liverpoolarabiccentre.org.uk×2
- liverpoolcares.org.uk×2
- liverpoolcityregion-ca.gov.uk×2
- merseycare.nhs.uk×2
- mrsnliverpool.org.uk×2
- nea.org.uk×2
- openeye.org.uk×2
- shelter.org.uk×2
- smokefreeliverpool.co.uk×2
- smokefreesefton.co.uk×2
- twitter.com×2
- wearewithyou.org.uk×2
- wemakecreativespaces.org×2
- whisc.org.uk×2
- ymcatogether.org.uk×2
- zerosuicidealliance.com×2