thethirdwave.co

HTML metadata

Title

Third Wave: Psychedelics & Microdosing Education - Third Wave

Description

Third Wave is a trusted, research-based psychedelics education and community platform featuring psychedelics guides, courses, podcasts, blog content and more.

Language

en-US

Generator

WP Rocket 3.18

Canonical

https://thethirdwave.co/

Feeds

Third Wave » Feed RSS
Third Wave » Comments Feed RSS

Open Graph

url: https://thethirdwave.co/
title: Third Wave | Psychedelic Education, Resources & Community
locale: en_US
site name: Third Wave
description: Welcome to The Third Wave. We provide well-researched, high-quality information specific to the classic psychedelics – and how they can be used to help people like you live more vibrant lives.

Technology

CDN: Cloudflare
CMS: WordPress

Analytics

Cloudflare Insights
Google Tag Manager

Cookie consent

Cookiebot

Fonts

Google Fonts

Third-party hosts loaded (6)

accounts.google.com×3
apis.google.com×3
fonts.googleapis.com×2
www.googletagmanager.com×2
consent.cookiebot.com×1
static.cloudflareinsights.com×1

Social

Contact

Address: rd Wave’s Psychedelic Gift Guide for 2023

DNS records live

NS

elliot.ns.cloudflare.com
sue.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 aspmx2.googlemail.com
20 aspmx3.googlemail.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 10 TXT records

zoho-verification=zb14857911.zmverify.zoho.com
ahrefs-site-verification_0397eb741ad167112dece5908161edfb1f821ab2d3a43fe67775129475ab111e
facebook-domain-verification=sscy00fu5siy8besmkhojmsuc5fv5l
google-site-verification=7ecX_skCt-DhhVEtcqtRGjoFZWi8IKAhUI0X7OSv7oE
google-site-verification=9x7zmgfQjHGLUenxdHf6ZWkwzAxvETBhy4nbTG5AVs0
google-site-verification=KwjX2ilsoC1geqInct_qA7EPO_c4Hgg5OgfSdMEyfmE
google-site-verification=MSzQsSQSncJu05ZBtfPJE8dQOcezKjN-oTsLlGIMGEA
google-site-verification=RZefHwLoXR2Y6bbN0NAsLHul5M9bLpWTJqBg2Hmh96w
google-site-verification=jcYc-XtFTv_rU4WqvBUzpSmI8ALmvFGT9kZYKgmMyfY
stripe-verification=fa900b7344d14069e415b7c233adf216a2d7a080cdc4e852d5233c1b03c351a9

Email authentication partial

SPF

v=spf1 include:_spf.google.com include:amazonses.com include:emsd1.com include:servers.mcsv.net ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc@thethirdwave.co; ruf=mailto:dmarc@thethirdwave.co; fo=1;

policy: none (monitoring only)

DKIM

dkim: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDORjCc8gtL3BynhxgqNpQyb6w6zNSqMiG60xdPH7fG8M1/qnnt7381R65UXT6M8p9Ut9892IpEgmveG4on/K…

selectors probed

Certificate (current)

WE1

from 2026-03-13 to 2026-06-11

Expires in 23 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://thethirdwave.co/

present

content-security-policy
content-security-policy-report-only

findings

missing HSTS
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: frame-ancestors 'self' *.thethirdwave.co ajax.cloudflare.com
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://*.googleapis.com https://*.gstatic.com https://www.google-analytics.com https://www.googletagmanager.com https://*.cookiebot.com https://*.cloudflareinsights.com https://trackcmp.net https://*.hotjar.com https://script.hotjar.com https://cdn.mxpnl.com https://connect.facebook.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https: blob:; connect-src 'self' https://*.thethirdwave.co https://*.googleapis.com https://*.google-analytics.com https://*.doubleclick.net https://*.google.com https://*.cookiebot.com https://*.hotjar.com https://*.mixpanel.com https://*.facebook.com https://connect.facebook.net; frame-src 'self' https://www.google.com https://www.youtube.com https://*.cookiebot.com https://*.hotjar.com https://*.facebook.com; object-src 'none'; base-uri 'self';