thewave.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-12 · ok HTTP/1.1 200 1581 ms crawled 2026-05-07

US · 104.26.10.27 · AS13335 Cloudflare, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title: The Wave: Bristol's inland surf destination
Description: The Wave: Bristol's slice of the ocean inland. An inland surf destination like no other. Learn how to surf & try a new experience.
Language: en
Canonical: https://www.thewave.com/

Open Graph

url: https://www.thewave.com/
title: The Wave: Bristol's inland surf destination
locale: en_GB
site name: The Wave
description: The Wave is the first inland-surfing destination of its kind, where people of all ages, backgrounds and abilities can experience the joy of surfing and its many physical and mental health benefits. But it’s not just about surfing. It’s about getting back to nature, improving health and well-being, connecting with other people, enjoying great food and drink, and having a load of fun in the process!

Technology

CDN: Cloudflare
CMS: WordPress

Third-party hosts loaded (3)

gmpg.org×2
app.varify.io×1
static.zdassets.com×1

Social

Registration

Registrar

GoDaddy.com, LLC

Created

1995-04-10

Expires

2031-04-11 1788 days left

Updated

2026-04-11

Name servers

annabel.ns.cloudflare.com
nile.ns.cloudflare.com

DNS records live

NS

annabel.ns.cloudflare.com
nile.ns.cloudflare.com

MX

5 thewave-com.mail.protection.outlook.com

TXT

Show 6 TXT records

google-site-verification=WGJx2e_WG2h-SjRsXS5A244SYWS7C9-YbJOJZj7CvQA
google-site-verification=ZeNdRgFZ0mKFhOXrQFaHXLuZLZlDAcIA22mIOBbvuqg
google-site-verification=_oIdTs8E-Sft3CJZUBM6XUHabP6UvZoOw8NGQWzJIVo
google-site-verification=s9PNaYOR4R7voMcyFQxws3FL4-m-5pmDlovukmi5srQ
MS=ms61212499
google-site-verification=EJY599w9ddXOtmawVhmNGQID7zQOmQjqYkErFlXLt9o

Email authentication partial

SPF

v=spf1 include:spf.protection.outlook.com include:mailgun.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:e763452dca964744ab0c00cd96c9355e@dmarc-reports.cloudflare.net

policy: none (monitoring only)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sedDBevcQS0X0hEO5VWZZsFWutrCivZwbT4c7B5AVI+UU7IovWxr60aOXAET3dqsHNS06WQy0Shq0BGRX…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxjNs/h3bF35ccBweJ2p6Ku09P8bTLQLmYE/oNPRP6rpI3LDqIa5C+DBRVl9IwZg27ya3tegyU071fvxPZtII2BY…

selectors probed

Certificate (current)

from 2026-05-01 to 2026-07-30

Expires in 72 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 35/100 Checked live page: https://www.thewave.com/

present

permissions-policy

findings

missing HSTS
missing Content Security Policy
missing frame protection
missing content type protection
missing Referrer Policy

Header values

permissions-policy: private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")

Links to (5)

Linked from (2)

bristollifeawards.co.uk×2
red-rescue.com×2