thewatershedproject.org

HTML metadata

Technology

Server

nginx

CMS

WordPress

jQuery

3.7.1

Analytics

• Google Tag Manager

Third-party hosts loaded (4)

• challenges.cloudflare.com×2
• static.addtoany.com×2
• www.googletagmanager.com×2
• www.facebook.com×1

Social

• facebook
• instagram
• linkedin
• youtube

Contact

Email

• 94804info@thewatershedproject.org

Phone

• 91-1767292

DNS records live

NS

• ns1.dreamhost.com
• ns2.dreamhost.com
• ns3.dreamhost.com

MX

• 0 aspmx.l.google.com

TXT

• mailerlite-domain-verification=8acbd4d7132c97b2e3fce6f0461836f365625464

Verified for

• Canva
• Google
• Meta
• Microsoft 365

Email authentication partial

SPF

v=spf1 a mx include:_spf.google.com include:_spf.mlsend.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; pct=100; rua=mailto:re+nexbs6wusto@dmarc.postmarkapp.com; sp=none; aspf=r;

policy: none (monitoring only) · sp=none

DKIM

• google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoPEzmbz5UBp/dpsuP5DRTQ8P8jo/jw68agWD2+iWbSaZ+kffz/O0Uip/rX8iGnw4kSBKePx2uiQXT…

selectors probed

Certificate (current)

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://thewatershedproject.org/

present

• x-content-type-options

findings

• missing HSTS
• missing Content Security Policy
• missing frame protection
• missing Referrer Policy
• missing Permissions Policy

Links to (10)

• youtube.com×1
• setian.co×1
• linkedin.com×1
• instagram.com×1
• givelively.org×1
• facebook.com×1
• eventbrite.com×1
• charitynavigator.org×1
• candid.org×1
• 32auctions.com×1

Linked from (1)

• richmondcaoutdoors.org×1