mutualstatland.com

HTML metadata

Title

Mutual | Stat Land - The Leaders in Managed Security

Description

Mutual | Stat Land provides industry-leading managed security to the New York Metropolitan area. We'll secure your commercial or residential spaces.

Language

en-US

Canonical

https://mutualstatland.com/

Feeds

Open Graph

url: https://mutualstatland.com/
title: Mutual | Stat Land - The Leaders in Managed Security
locale: en_US
site name: Mutual | Stat Land
description: Mutual | Stat Land provides industry-leading managed security to the New York Metropolitan area. We'll secure your commercial or residential spaces.

Technology

CDN: Cloudflare
CMS: WordPress

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (4)

fonts.googleapis.com×2
fonts.gstatic.com×1
gmpg.org×1
www.googletagmanager.com×1

Registration

Registrar

Network Solutions, LLC

Created

2021-07-06

Expires

2027-07-06 411 days left

Updated

2025-05-07

Name servers

ns10.dnsmadeeasy.com
ns11.dnsmadeeasy.com
ns12.dnsmadeeasy.com
ns13.dnsmadeeasy.com
ns14.dnsmadeeasy.com
ns15.dnsmadeeasy.com

DNS records live

NS

ns10.dnsmadeeasy.com
ns11.dnsmadeeasy.com
ns12.dnsmadeeasy.com
ns13.dnsmadeeasy.com
ns14.dnsmadeeasy.com
ns15.dnsmadeeasy.com

Email authentication no MX

SPF: not published
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-04-19 to 2026-07-18

Expires in 58 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://mutualstatland.com/

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), gamepad=(), serial=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://js.hsforms.net https://js.hubspot.com https://static.hsappstatic.net; style-src 'unsafe-inline' 'report-sample' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://yoast.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app.hubspot.com; img-src 'self' data: https://secure.gravatar.com; manifest-src 'self'; media-src 'self'; report-uri https://69313c0c9917c0dd35eaa757.endpoint.csper.io?builder=true&v=2; worker-src 'none'; report-to https://6930952bc85d3b2818d2bd38.endpoint.csper.io; report-uri https://6930952bc85d3b2818d2bd38.endpoint.csper.io;
strict-transport-security: max-age=63072000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none; report-to='default'
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://js.hsforms.net https://js.hubspot.com https://static.hsappstatic.net; style-src 'unsafe-inline' 'report-sample' 'self' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://yoast.com; font-src 'self' data: https://fonts.gstatic.com; frame-src 'self' https://app.hubspot.com; img-src 'self' data: https://secure.gravatar.com; manifest-src 'self'; media-src 'self'; report-uri https://69313c0c9917c0dd35eaa757.endpoint.csper.io?builder=true&v=2; worker-src 'none'; report-to https://6930952bc85d3b2818d2bd38.endpoint.csper.io; report-uri https://6930952bc85d3b2818d2bd38.endpoint.csper.io;

Linked from (1)

kastle.com×1