harbottle.com

HTML metadata

Title: Harbottle & Lewis
Language: en-US
Canonical: https://www.harbottle.com/

Open Graph

url: https://www.harbottle.com/
title: Harbottle & Lewis
locale: en_US
site name: Harbottle & Lewis

Technology

CDN: Cloudflare
CMS: WordPress

Analytics

Google Tag Manager

Social widgets

Vimeo Embed

Third-party hosts loaded (6)

cdn.jsdelivr.net×6
cc.cdn.civiccomputing.com×2
cdn.yoshki.com×1
gmpg.org×1
player.vimeo.com×1
www.googletagmanager.com×1

Social

Contact

Phone

(0)20 7667 5000

Registration

Registrar

Nom-iq Ltd. dba COM LAUDE

Created

2000-01-10

Expires

2027-01-10 235 days left

Updated

2025-12-31

Name servers

nsgbr.comlaude.co.uk
nssui.comlaude.ch
nsusa.comlaude.net

DNS records live

NS

nsgbr.comlaude.co.uk
nssui.comlaude.ch
nsusa.comlaude.net

MX

10 eu-smtp-inbound-1.mimecast.com
10 eu-smtp-inbound-2.mimecast.com

TXT

Show 8 TXT records

bw=PUY86C80d0Br11+cSc/gQKNeaDAtXVaYlsmKqgqni2u3
_6r3kywpbe3w94uzuh0xcguzw94wq3o7
2n2nxc26ztq0h3wbnrmy26lz4kkb4h1j
apple-domain-verification=dLOJhKHlTy14DTUm
docusign=32a0df7c-7a69-4449-8c13-9139cbcc3e96
5722c83eb18e2ef365cc465a68073cf1e72ad34041ac07195f
rllMfqOIocd0JPuT/tGjtJC6OT3Z+dX+ao9O3DztU7tl+n4gqMT7IYUFgGhvmtF8TizQZra5jHkEFXlIsKr/sQ==
bundledocs-domain-verification=9339ae41698e4c018a10ebe1ede8aecd91fb52cbc68f437cab1e23c97eeb1a1c

Email authentication strong

SPF

v=spf1 include:_u.harbottle.com._spf.smart.ondmarc.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; pct=100; fo=1; ri=3600; rua=mailto:c8bbe5bb@inbox.ondmarc.com; ruf=mailto:c8bbe5bb@inbox.ondmarc.com;

policy: reject (enforced)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEuDO3vIcphntP+gD7+KOhBzzg4TWCFIC+BGDbpKILlcg0nXLwnLDUgWG2vLVyLnpC2qcFCtCsZ4D+1o2EMb…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lh3XCAcFvL+LbPM1o9XlC8er2CS3WbOFbwQivr9QlK+84exJ1L1TZdfe5W8oKuskgFJHM0RXSSyxvtiKE…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBNMSWlF6EUeLLWXMe2NMDd89mO6/6lPHvxc5o0upwLFFVf2RkEpxpnJ99/oxkdoc8bA4C91t02t9o2dlsnVmyHT…

selectors probed

Certificate (current)

WE1

from 2026-05-07 to 2026-08-05

Expires in 78 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.harbottle.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self' https://www.google.com; object-src 'none'; upgrade-insecure-requests; script-src 'nonce-cEBymgJpoQEJMFzV59TNEg==' 'strict-dynamic' 'self' https://www.googletagmanager.com https://*.googletagmanager.com https://www.google-analytics.com https://*.google-analytics.com https://www.google.com https://*.google.com https://*.googleapis.com https://*.gstatic.com https://*.youtube.com https://www.youtube-nocookie.com https://*.ytimg.com https://www.recaptcha.net https://www.gstatic.com https://www.clarity.ms https://*.clarity.ms https://static.hotjar.com https://script.hotjar.com https://use.typekit.net https://p.typekit.net https://cdn-cookieyes.com; script-src-attr 'unsafe-inline'; script-src-elem 'nonce-cEBymgJpoQEJMFzV59TNEg==' 'self' https://www.googletagmanager.com https://*.googletagmanager.com https://www.google.com https://*.google.com https://www.gstatic.com https://www.recaptcha.net https://cdn-cookieyes.
strict-transport-security: max-age=63072000; includeSubDomains; preload

Links to (3)

Linked from (2)

animationuk.org×2
ukscreenalliance.co.uk×1