hsmlawyers.com
HTML metadata
Technology
- Server
- nginx
- CMS
- WordPress
- Analytics
-
- Google Tag Manager
- Fonts
-
- Google Fonts
Third-party hosts loaded (4)
- fonts.googleapis.com×2
- gmpg.org×1
- moderate15-v4.cleantalk.org×1
- www.googletagmanager.com×1
Social
Contact
Registration
- Registrar
- Porkbun LLC
- Created
- 2021-04-22
- Expires
- 2027-04-22 336 days left
- Updated
- 2026-04-21
- Name servers
-
- lisa.ns.cloudflare.com
- paul.ns.cloudflare.com
DNS records live
- NS
-
- lisa.ns.cloudflare.com
- paul.ns.cloudflare.com
- MX
-
- 0 hsmlawyers-com.mail.protection.outlook.com
- Verified for
-
- Microsoft 365
Email authentication partial
- SPF
-
v=spf1 include:spf.protection.outlook.com include:closingsite.com -allstrict (-all) - DMARC
-
v=DMARC1; p=none; rua=mailto:dmarc@HSMlawyers.com; ruf=mailto:dmarc@HSMlawyers.com; fo=1policy: none (monitoring only) - DKIM
-
- selector1:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Hs3u23vPmwPbdhrK0rtAlUVP5yw7Imi9q2QOlbxRHvES3np0fqUvZ0+ldsARwbWX/6a2jUO1CvVTp…
selectors probed - selector1:
Certificate (current)
R13
Expires in 66 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing content type protection
- missing Referrer Policy
- missing Permissions Policy
Header values
- content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' pagead2.googlesyndication.com *.io *.net *.com *.org *.github.io *.smartlook.com *.paywhirl.com *.jsdelivr.net *.google.com *.googletagmanager.com *.uptimerobot.com *.tawk.to *.lottiefiles.com *.shortpixel.ai *.youtube.com *.gstatic.com *.googleapis.com *.google-analytics.com *.6sense.com *.6sc.co cdnjs.cloudflare.com assets.zendesk.com connect.facebook.net; object-src 'self'; worker-src * data: 'unsafe-eval' 'unsafe-inline' blob:- strict-transport-security
max-age=31536000; includeSubdomains; preload;