volume.com

HTML metadata

Title: Volume.com
Description: The only music streaming platform where musicians can broadcast their music, upload videos and build fan communities 🎸
Language: en-us

Open Graph

url: https://volume.com/
title: Volume.com
description: The only music streaming platform where musicians can broadcast their music, upload videos and build fan communities 🎸

Technology

CDN: Cloudflare

Analytics

Amplitude
Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (5)

fonts.googleapis.com×3
cdn.amplitude.com×1
fonts.gstatic.com×1
kit.fontawesome.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

Dynadot Inc

Created

1995-12-21

Expires

2029-12-20 1310 days left

Updated

2020-06-06

Name servers

a.ns.volume.com
b.ns.volume.com

DNS records live

NS

a.ns.volume.com
b.ns.volume.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 8 TXT records

lucid-verification=ktb3MHD!cqr2pat3ver
docker-verification=a5e23f82-7134-45f2-897e-40fa357c8996
uber-domain-verification=899112d1-12ce-43a6-afb3-e8f17b11e65b
jetbrains-domain-verification=7a0agqix3o5b1o5675hvtnphh
knowbe4-site-verification=bf70859a7bcd8133d145ae6d967c1686
loom-site-verification=0b69a7fd5c344b879ec60619172c8509
new-relic-domain-verification=67f317884d244931bbe8f18b2bc3f72b
monday-com-verification=__8BIehfyxqhZ7WMfVlMi_RbKvtCI-4SrEMJlZH67Mc

Verified for

1Password
Airtable
Anthropic
Apple
Atlassian
Canva
Cursor
DocuSign
Dropbox
Google
Notion
OpenAI
Postman
Twilio

Email authentication partial

SPF

v=spf1 a mx include:_spf.google.com include:mail.zendesk.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc@volume.com; ruf=mailto:dmarc@volume.com; fo=1

policy: none (monitoring only)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHG0w4L53DuV71HF3GgpW/gfiIg73u/Q1v7ltywEH2DwWShZnqoz++o8cs40eYvxeOJwp0Z02oAzAN…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDvkh6Cp8IekDGR0YUFPhUtqkWnrl27PJaSzKeXKs4PXJsikTDHlTVN0l5ms+FcOo9Uh4gBNyGGxPGkfts…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOMRum3uF2RWbbB/5aS+YJDpOGz+y4WZO5HgPfORB/mZ2wDX7AOCerXhU6FKZZXKk0knQPgCGmyG6FEK45+7cONg…

selectors probed

Certificate (current)

WE1

from 2026-03-26 to 2026-06-24

Expires in 35 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://volume.com/

present

content-security-policy
x-frame-options
x-content-type-options

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://*.clarity.ms https://c.bing.com; script-src https://cdn.jsdelivr.net https://*.volume.com 'unsafe-inline' https://kit.fontawesome.com https://js-agent.newrelic.com https://*.cloudflare.com https://js.stripe.com https://www.paypalobjects.com 'unsafe-eval' https://adservice.google.com https://found.ee https://cdn.syndication.twimg.com https://www.google.com/recaptcha/ https://www.google-analytics.com https://www.googletagmanager.com https://unpkg.com/ https://www.gstatic.com/cast/ https://*.googlesyndication.com https://trc.taboola.com https://ajax.googleapis.com https://www.google.com https://platform.instagram.com https://cdn.taboola.com/scripts/ https://www.googletagservices.com 'self' https://platform.twitter.com https://c.bing.com https://*.nr-data.net https://www.gstatic.com/cv/ www.googletagmanager.com https://*.clarity.ms https://static.zdassets.com https://cdn.amplitude.com/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/eureka/ https://www