loriot.io

HTML metadata

Title: LORIOT - Hybrid Network Management System for Massive IoT
Description: Hybrid Network Management System Provider with the largest public server infrastructure worldwide. our Hybrid NMS integrates both LoRaWAN Network Server and mioty service senter capabilities. We offer FREE Community Servers, Professional Public Servers and Enterprise Private Servers to address the needs of companies of any size from PoCs to massive IoT deployments.
Language: en

Open Graph

url: https://www.loriot.io/
title: LORIOT - Hybrid Network Management System for Massive IoT
site name: LORIOT
description: LoRaWAN® Network Server Provider with the largest public server infrastructure worldwide. We offer free community servers, professional public and carrier-grade private network servers.

Technology

Server: nginx

Analytics

Google Tag Manager

Social widgets

Vimeo Embed

Third-party hosts loaded (4)

www.googletagmanager.com×4
player.vimeo.com×2
cdn-cookieyes.com×1
code.jquery.com×1

Social

DNS records live

NS

ns-1145.awsdns-15.org
ns-1639.awsdns-12.co.uk
ns-265.awsdns-33.com
ns-816.awsdns-38.net

MX

10 aspmx.l.google.com
20 alt1.aspmx.l.google.com
30 alt2.aspmx.l.google.com
40 aspmx2.googlemail.com
50 aspmx3.googlemail.com

TXT

Show 5 TXT records

atlassian-domain-verification=jjeFL/aXx9kGaEp9fA5V5QjYSomo1qIdwNSu7fV4UjfTW2zBp3VwNBvy45GaifUC
google-site-verification=mQbLBfb4cyYJ7NlgokbsM7TNs15MFYRgR9ndbzzvGCo
w24cbxt3msm2qc0j3w8kp5qpllc2hvnd
MS=ms14108751
atlassian-domain-verification=jjeFL/aXx9kGaEp9fA5V5QjYSomo1

Email authentication strong

SPF

v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com include:spf2.loriot.io include:spf3.loriot.io include:spf.selzy.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; pct=100; rua=mailto:5bf6baa3@inbox.ondmarc.com; ruf=mailto:5bf6baa3@inbox.ondmarc.com

policy: reject (enforced)

DKIM

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOJojzPFVFxeHZ+G8CnWlQWprarUzWU7g9pj/IfrKPqbEXi4yLBoHwjAAjxDlMJhs1+jUhqrIV9x4U06fRZz…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

GeoTrust TLS RSA CA G1

from 2026-03-10 to 2026-09-25

Expires in 128 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://loriot.io/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: sameorigin
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://player.vimeo.com https://*.jquery.com https://www.google-analytics.com https://ssl.google-analytics.com https://*.googleapis.com https://*.gstatic.com https://js.stripe.com https://unpkg.com https://*.googletagmanager.com https://s3.amazonaws.com https://*.aidaform.com https://cdn-cookieyes.com https://data.processwebsitedata.com https://*.happierleads.com; style-src 'self' https://fonts.googleapis.com 'unsafe-inline'; img-src 'self' https://cdn-cookieyes.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.googletagmanager.com https://*.g.doubleclick.net blob: data:; connect-src 'self' https://*.loriot.io https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.googleapis.com *.google.com https://*.gstatic.com https://api.stripe.com https://cdn-cookieyes.com https://*.cookieyes.com https://*.g.doubleclick.
strict-transport-security: max-age=63072000; includeSubDomains