hpsionline.com
HTML metadata
Technology
- Server
- Apache
- CMS
- WordPress
- Analytics
-
- Google Tag Manager
- Social widgets
-
- YouTube Embed
Third-party hosts loaded (4)
- www.youtube.com×2
- fonts.bunny.net×1
- gmpg.org×1
- www.googletagmanager.com×1
Social
Contact
- Phone
Registration
- Registrar
- MarkMonitor Inc.
- Created
- 2000-09-28
- Expires
- 2026-09-28 131 days left
- Updated
- 2025-08-27
- Name servers
-
- burst.aramark.com
- ns5.dnsmadeeasy.com
- ns6.dnsmadeeasy.com
- ns7.dnsmadeeasy.com
- surge.aramark.com
DNS records live
- NS
-
- burst.aramark.com
- ns100.digicertdns.com
- ns101.digicertdns.com
- ns102.digicertdns.com
- ns5.dnsmadeeasy.com
- ns6.dnsmadeeasy.com
- ns7.dnsmadeeasy.com
- surge.aramark.com
- MX
-
- 10 hpsionline-com.mail.protection.outlook.com
- 20 hpsionline-com.mail.protection.outlook.com
- TXT
-
Show 5 TXT records
v=DMARC1; p=none; fo=1; ri=3600; rua=mailto:aramark@rua.agari.com; ruf=mailto:aramark@ruf.agari.comA0R2A63784SI/sk+V2daQ/r4kIo1nqBAeTwfNqu7j9A60xwu1wwhp8VJ/NYkwj42UFNFUUojoi74dtfwZjm22KrkzOU1WFuw==MS=ms49399494_04a4xnqyh8l1ae0fvwaqkxtkb9vkezk
Email authentication strong
- SPF
-
v=spf1 exists:%{i}._i.%{d}._d.espf.agari-dns.net include:%{d}.5b.spf-protect.agari-dns.net -allstrict (-all) - DMARC
-
v=DMARC1; p=reject; fo=1; ri=3600; rua=mailto:aramark@rua.agari.com; ruf=mailto:aramark@ruf.agari.compolicy: reject (enforced) - DKIM
-
Show 4 DKIM selectors
- default:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquEpv38kIywXvp7wvzf6cVn2i6qvv40W5JxjKKNN4ds1abG642Au2coVg8laNAs95+rf6So05dPtQU… - selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYZ8RhiM5peMHpdmmxWKE6cdzlrsd0+43spJILsp8gx4LhktRK2VFc5S45xeQ+FRrZYArC0Zc0q/RK… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuUafmSb/62+dPifgVFBz0tXSkRySiqZ52+nB1bCb8zuQXvH019ZwAVc72BW4MIjYhhWp8daQeOrpFLvZ6… - s2:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWd3Ur/Cu9fr93lKIArJSMM1zrYbvfORYFYpERBpE9PlJoeKdbZ+mOn9SHoKX8fQ4ePF0zr6uxMPEU0x8E…
selectors probed - default:
Certificate (current)
R12
Expires in 75 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
DENY- permissions-policy
geolocation=(),fullscreen=(self)- x-content-type-options
nosniff- content-security-policy
base-uri 'self'; connect-src 'self' https://forms.hsforms.com/ https://js.hsforms.net/ https://www.google-analytics.com/ https://www.google-analytics.com/; default-src 'none'; font-src 'self' data: https://fonts.gstatic.com/ https://fonts.bunny.net/ https://fonts.googleapis.com/; frame-src 'self' https://calendly.com/ https://www.google.com/ https://www.youtube.com/ https://forms.hsforms.com/ https://js.hsforms.net/; frame-ancestors 'self'; img-src 'self' data: https://i.ytimg.com/ https://assets.calendly.com/ https://www.googletagmanager.com/ https://forms-na1.hsforms.com/ https://forms.hsforms.com/ https://secure.gravatar.com/ https://www.google-analytics.com/; manifest-src 'self'; media-src 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' 'nonce-agf8abyQXuubDKZS1CXPXAAAAEU' https://www.browser-update.org/ https://assets.calendly.com/ https://calendly.com https://js.hsforms.net/ https://browserupdate.org/ https://www.google.com/ https://play.google.com/ https://www.google- strict-transport-security
max-age=63072000;includeSubDomains