timberhomeliving.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 621 ms crawled 2026-05-18

US · 13.33.235.29 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Timber Home Living: Timber Frame Homes, Home Floor Plans, Photos & Building Advice
Description: Timber Home Living is your ultimate resource for post and beam and timber frame homes. Find timber home floor plans, inspiring photos of timber frame homes, and sound advice on building and designing your own post and beam home-all brought to you by the editors of Log and Timber Home Living magazine.
Language: en

Open Graph

locale: en_US

Technology

CDN: Amazon CloudFront
Server: gunicorn

Fonts

Font Awesome

Third-party hosts loaded (5)

static.loghome.com×4
images.ahpc.us×2
brandoncreative.involve.me×1
use.fontawesome.com×1
www.aimmedia.com×1

Social

Contact

Address: © Copyright2026 Home Group, a division of Active Interest Media. All Rights Reserved.2143 Grand Avenue, Des Moines, IA 50312

Registration

Registrar

GoDaddy.com, LLC

Created

2005-02-15

Expires

2027-02-15 270 days left

Updated

2026-02-16

Name servers

ns-1210.awsdns-23.org
ns-1626.awsdns-11.co.uk
ns-424.awsdns-53.com
ns-866.awsdns-44.net

DNS records live

NS

ns-1210.awsdns-23.org
ns-1626.awsdns-11.co.uk
ns-424.awsdns-53.com
ns-866.awsdns-44.net

MX

0 timberhomeliving-com.mail.protection.outlook.com

Verified for

Google
Meta
Microsoft 365

Email authentication weak

SPF

v=spf1 ip4:66.231.181.192/26 a mx include:8195114.spf06.hubspotemail.net include:aimmedia.com ~all

softfail (~all)

DMARC

not published

DKIM

smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…

selectors probed

Certificate (current)

Amazon RSA 2048 M01

from 2026-01-30 to 2027-02-28

Expires in 283 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://www.timberhomeliving.com/

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy
cross-origin-opener-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: same-origin
x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: default-src 'self' s3.amazonaws.com www.youtube.com csi.gstatic.com *;frame-src 'self' optimize.google.com *;worker-src 'self';connect-src 'self' *;font-src 'self' data: fonts.gstatic.com fonts.googleapis.com www.tinymce.com use.fontawesome.com cdnjs.cloudflare.com;img-src 'self' 'unsafe-inline' data: blob: *;manifest-src 'self';media-src 'self' s3.amazonaws.com;object-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagservices.com www.google-analytics.com securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com 7233492.collect.igodigital.com optimize.google.com images.ahpc.us www.googletagmanager.com * blob:;style-src 'self' 'unsafe-inline' fonts.googleapis.com *;base-uri 'self' optimize.google.com;form-action 'self' *;frame-ancestors 'self' optimize.google.com;block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy: same-origin