orfium.com

.com crawl

First seen 2026-05-02 · Last seen 2026-05-09 · ok HTTP/1.1 200 3074 ms crawled 2026-05-09

GB · 165.227.236.228 · AS14061 DigitalOcean, LLC

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title

Music Rights Management Software | Orfium

Description

Find, use, track, and monetize music content across all channels with Orfium's industry-leading music rights management software.

Language

en-US

Generator

Wix.com Website Builder

Canonical

https://www.orfium.com/

Translations

Open Graph

url: https://www.orfium.com/
title: Music Rights Management Software | Orfium
locale: en_US
site name: ORFIUM
description: Find, use, track, and monetize music content across all channels with Orfium's industry-leading music rights management software.
locale:alternate: ja

Technology

Server: Apache
CMS: Wix

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (5)

www.googletagmanager.com×2
cdn-cookieyes.com×1
fonts.googleapis.com×1
js.hs-scripts.com×1
js.hsforms.net×1

Social

Registration

Registrar

Moniker Online Services LLC

Created

2014-08-06

Expires

2034-08-06 3000 days left

Updated

2025-11-25

Name servers

ns-1177.awsdns-19.org
ns-1574.awsdns-04.co.uk
ns-393.awsdns-49.com
ns-867.awsdns-44.net

DNS records live

NS

ns-1177.awsdns-19.org
ns-1574.awsdns-04.co.uk
ns-393.awsdns-49.com
ns-867.awsdns-44.net

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 13 TXT records

apple-domain-verification=iUmddlYiUF7frvlH
atlassian-domain-verification=tEEd1NyEleaPsBaaCDMcpR5uec8KmB3RrBP836IaLHPgzEnt/BxoSNsvbR4IcuCp
carta-domain-verification-shrykt=JqYVfKUP6LF8s4bhGeYLkMTvB
cursor-domain-verification-gvbz2d=tJRfPIvQb7Zsm9oN0Hwplk9RK
google-site-verification=MjYfdcgyeSXYjGSbPQxWeEGRmw9A_HM6BbU-aEzOE4o
google-site-verification=iGG9qNSBrFV2x57MZ9kww8L5UK6IemhgkC0Jbx8TW1c
google-site-verification=maxPaZtV9FDWnp_FYyGaHiWQKfCShciy9hFwonOV5QE
google-site-verification=sJI1M3fZyUmXUlcpguLWAjW6yL6VhROq8j0g48VzcQQ
hubspot-domain-verification=Y2E3ZDUzMTYtMjJkZi00MThmLWFlZDctMzcxNTJjYTQ0Y2Mw
intacct-esk=DA470E697DD9BDA7E05396220D0A4316
postman-domain-verification=9099797a4e1ee30d4f376268d6f5a46aca9ed60175bc2918149d58c8980d64d095a0efcdc59a41c011693c8bbcc1d646d4661f128f8d9c46d70051e96c5ea9dc
7BA27664CF
MS=ms36371935

Email authentication partial

SPF

v=spf1 mx include:spf.ymlp.com include:amazonses.com include:_spf.google.com include:4274017.spf02.hubspotemail.net include:_spf.intacct.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc-reports@orfium.com

policy: none (monitoring only)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxOYMmKmwXVvegImwdeYKi6mYz4XYZWZ02AI0yaVoTFJmPfXDr/WcBB4Cl+EbJvO7uEN/xtPninNkH…

selectors probed

Certificate (current)

from 2026-05-03 to 2026-08-01

Expires in 74 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.orfium.com/

present

content-security-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: child-src 'self' https:; connect-src 'self' https:; default-src 'self' https:; font-src 'self' https: data:; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hs-sites.com https://www.google.com https://recaptcha.google.com; img-src 'self' https: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https: data:; style-src 'self' 'unsafe-inline' https:; worker-src 'self' https: blob:

Links to (7)

Linked from (1)

tsevdos.com×1