barrywehmiller.com

HTML metadata

Title

Barry-Wehmiller / Building a Better World Through Business

Description

At Barry-Wehmiller, we’re showing what’s possible at the intersection of great business strategy and profound care for people.

Generator

Sitefinity 15.2.8423.0 DX

Canonical

https://www.barrywehmiller.com

Translations

da-dk
de-de
en-us
es-es
fr-fr
hu-hu
it-it
ja-jp
nl-nl
pt-pt
sr-rs
sv-se
zh-cn

Open Graph

url: https://www.barrywehmiller.com/home
title: Barry-Wehmiller / Building a Better World Through Business
site name: Barry-Wehmiller

Technology

Server: Sucuri

Analytics

Google Tag Manager

Fonts

Adobe Fonts

Third-party hosts loaded (6)

stackpath.bootstrapcdn.com×2
use.typekit.net×2
www.googletagmanager.com×2
ajax.googleapis.com×1
cdnjs.cloudflare.com×1
kit.fontawesome.com×1

Social

Registration

Registrar

Network Solutions, LLC

Created

1996-10-12

Expires

2026-10-11 145 days left

Updated

2025-08-12

Name servers

ns41.worldnic.com
ns42.worldnic.com

DNS records live

NS

ns41.worldnic.com
ns42.worldnic.com

TXT

barrywehmillersf12.azurewebsites.net.

Email authentication no MX

SPF: v=spf1 -all
strict (-all)
DMARC: v=DMARC1; p=reject; rua=mailto:dmarc_agg@vali.email;
policy: reject (enforced)
DKIM: no key found at common selectors

Certificate (current)

Starfield Secure Certificate Authority - G2

from 2026-03-15 to 2026-06-13

Expires in 25 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://barrywehmiller.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self' data:; script-src *.googleapis.com *.gstatic.com *.google-analytics.com *.twimg.com *.eloqua.com *.en25.com *.jsdelivr.net *.googletagmanager.com *.sharethis.com *.cookielaw.org *.hubspot.com *.hs-banner.com *.hsleadflows.net *.mikle.com *.clarity.ms *.aspnetcdn.com *.azureedge.net *.bootstrapcdn.com *.cloudflare.com *.curator.io *.facebook.net *.fontawesome.com *.google.com *.hs-analytics.net *.hs-scripts.com *.linkedin.com *.marketo.net *.sitefinity.com *.stumbleupon.com *.twitter.com *.youtube.com *.ytimg.com *.gtranslate.net *.maps.googleapis.com *.mailchimp.com *.chimpstatic.com *.addthis.com https://player.vimeo.com/api/player.js https://barrywehmillersf12-2.azurewebsites.net chimpstatic.com 'self' web-chat.nativechat.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src *.googleapis.com *.gstatic.com *.twimg.com *.jsdelivr.net *.typekit.net *.azureedge.net *.bootstrapcdn.com *.cloudflare.com *.fontawesome.com *.google.com *.sitefinity.com *.telerik.c
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin