ns.com

HTML metadata

Title: Network School - Learn, Burn, and Earn
Description: Learn, Burn, and Earn at Network School. Join a global community building startups, skills, and health through programs, events, and on‑site residencies.
Language: en
Canonical: https://ns.com

Open Graph

url: https://ns.com
title: Network School - Learn, Burn, and Earn
locale: en_US
site name: ns.com
description: Learn, Burn, and Earn at Network School. Join a global community building startups, skills, and health through programs, events, and on‑site residencies.

Technology

CDN: Cloudflare
CMS: Next.js

Analytics

Google Tag Manager

Third-party hosts loaded (5)

image.mux.com×1
player.mux.com×1
stream.mux.com×1
www.googletagmanager.com×1
www.youtube.com×1

Registration

Registrar

1API GmbH

Created

1991-06-05

Expires

2032-12-14 2400 days left

Updated

2025-11-24

Name servers

aida.ns.cloudflare.com
skip.ns.cloudflare.com

DNS records live

NS

aida.ns.cloudflare.com
skip.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 15 TXT records

google-site-verification=SlnYDeNB4UshUa4LjblKzKTG39DkIJHU7z6rEDxMVFc
airtable-verification=10e074540af08f329494a9520d18cd4e
ahrefs-site-verification_231a2caeb9b05ba96dfc99ed56cb19a8ba911a64e7d5a6a0a705415cd993d2ce
facebook-domain-verification=0y2pd97ipbhf1r1eddfq4ree71brpx
apple-domain-verification=GW24RixAim2YC4Cl
openai-domain-verification=dv-crMcncp61CzDwkOyXED81U6z
cloudflare_dashboard_sso=9151a72bc0f30ea7d5bdf12cda079e94
box-domain-verification=d2cc8feb10c388e0a1b43ede8d32c82b14a018fe318f054a238cada7f11d3de1
protonmail-verification=b9af1ad25c11831c3bd55dc2d61ad6c317d17199
notion-domain-verification=6cgABKaf3PusbciG9ZRayv76f4KezBmDouAZ1lGLO2S
stripe-verification=d85f9b1b210d5b0ad7c8617e1a5438c04ca03d2f6c6031968c85c7c8196d4663
google-gws-recovery-domain-verification=52011997
google-site-verification=IgyIuJsCWObRPhb_N2sYESMqsjyoWXM1TdcpHCboOcM
google-site-verification=lzKeOlA-ZgiMftjzkA6b-P6t2SFtSDVEdEZHomxYJUA
stripe-verification=1608AC8AD5EFC45876A0A8527DAD0065DABCDBC302F42C12F3CBEEF8386929B8

Email authentication strong

SPF

v=spf1 include:_spf.google.com include:mail.intercom.io ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; sp=quarantine; rua=mailto:dmarc@ns.com,mailto:dmarc_agg@vali.email; aspf=r; adkim=r; fo=1;

policy: quarantine · sp=quarantine

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJURbsaYP6Bl2VLyZALIGKC9abOvbw7Lc6C2KXZWs9xSI79mwtcrq5YNK9CIUkLUfvRomv8S3Iqe5P…

selectors probed

Certificate (current)

WE1

from 2026-04-18 to 2026-07-17

Expires in 59 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://ns.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: camera=(self "https://forms.fillout.com" "https://form.fillout.com"), microphone=(self "https://forms.fillout.com" "https://form.fillout.com"), geolocation=(self "https://forms.fillout.com" "https://form.fillout.com"), payment=(), usb=(), browsing-topics=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'nonce-f6a71539-a86e-4f94-976e-5c06a830eb7f' 'wasm-unsafe-eval' blob: https://challenges.cloudflare.com https://va.vercel-scripts.com https://cdn.jsdelivr.net https://auth.privy.io https://*.posthog.com https://t.ns.com https://analytics.ahrefs.com https://*.intercom.io https://*.intercomcdn.com https://www.gstatic.com https://accounts.google.com https://apis.google.com https://www.youtube.com https://www.youtube-nocookie.com https://s.ytimg.com https://server.fillout.com https://js.stripe.com https://cxrtnc.leaningtech.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https: android-webview-video-poster:; font-src 'self' data: https://*.intercomcdn.com https://fonts.gstatic.com; object-src 'self' blob:; base-uri 'self'; form-action 'self' https://accounts.google.com; frame-ancestors 'self'; frame-src 'self' https://auth.privy.io https://verify.walletconnect.com https://verify.walletconnect.org https://challen
strict-transport-security: max-age=15552000; includeSubDomains
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin