spaces.is

.is user

First seen 2026-05-20 · Last seen 2026-05-20 · ok HTTP/1.1 200 757 ms crawled 2026-06-04

US · 5.78.85.202 · AS212317 Hetzner Online GmbH

Reputation 69/100 listed in spam blocklist dmarc monitor-only

sector tech type homepage

HTML metadata

Title: SPACES
Description: A talent label representing designers, engineers, and studios who shape culture through technology.
Language: en
Canonical: https://spaces.is

Open Graph

url: https://spaces.is
title: SPACES
site name: SPACES
description: A talent label representing designers, engineers, and studios who shape culture through technology.

Technology

Server: nginx

Third-party hosts loaded (1)

plausible.spaces.is×1

Social

Contact

Email

hi@spaces.is

Registration

Created

2023-02-17

Updated

2026-02-17

Name servers

pdns1.registrar-servers.com
pdns2.registrar-servers.com

DNS records live

NS

pdns1.registrar-servers.com
pdns2.registrar-servers.com

MX

1 smtp.google.com

TXT

rm_verify=2af62cb057
mailcoach-verification=88b5e136-8705-4b19-a094-e29f0b515ecc

Verified for

Google

Email authentication partial

SPF

v=spf1 include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; sp=none; rua=mailto:re+33b064ce3b5b@inbound.dmarcdigests.com; pct=100

policy: none (monitoring only) · sp=none

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLDuvT3evM5NCEUUue8pt7MCy++vB6e68zZQrWCEnDCXisf3C4UyzTFeZAx/njAG9snrWUlVeWMqY5…

selectors probed

Certificate (current)

from 2026-05-03 to 2026-08-01

Expires in 52 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://spaces.is/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
weak frame protection
weak content type protection

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: DENY, SAMEORIGIN
permissions-policy: interest-cohort=()
x-content-type-options: nosniff, nosniff
content-security-policy: base-uri 'self'; default-src 'self'; child-src https://youtube.com https://www.youtube.com https://player.vimeo.com player.vimeo.com https://embed.spotify.com embed.spotify.com; connect-src 'self' https://plausible.spaces.is; font-src 'self' https://encore.scdn.co encore.scdn.co; form-action 'self'; frame-ancestors 'none'; frame-src https://youtube.com https://www.youtube.com https://player.vimeo.com player.vimeo.com https://embed.spotify.com embed.spotify.com; img-src 'self' https://ytimg.com https://ggpht.com https://youtube.com https://i.vimeocdn.com i.vimeocdn.com https://i.scdn.co i.scdn.co data:; media-src https://staging.spaces.is staging.spaces.is https://spaces.is spaces.is; object-src 'none'; script-src 'self' https://plausible.spaces.is https://youtube.com https://google.com https://f.vimeocdn.com f.vimeocdn.com https://embed-cdn.spotifycdn.com embed-cdn.spotifycdn.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://f.vimeocdn.com f.vimeocdn.com https://embed-cdn.spo
strict-transport-security: max-age=31536000; includeSubdomains; preload

Links to (2)

x.com×2
instagram.com×2

Use this data via API

Everything on this page for spaces.is is available as JSON from the indexo.dev REST & MCP API.

curl "https://indexo.dev/api/v1/domains/spaces.is" \
  -H "X-API-Key: idx_..."

Read the docs & get a free key →