indexo.dev

waitwhat.com

.com crawl

First seen 2026-04-14 · Last seen 2026-05-18 · ok HTTP/1.1 200 2376 ms crawled 2026-05-08

US · 188.114.96.3 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Home - WaitWhat
Description
Our mission is to provide people with the ideas, information, and inspiration they need to live their best lives at work.
Language
en-US
Canonical
https://waitwhat.com/
Feeds

Open Graph

url
https://waitwhat.com/
title
Home - WaitWhat
locale
en_US
site name
WaitWhat
description
Our mission is to provide people with the ideas, information, and inspiration they need to live their best lives at work.

Technology

CDN
Cloudflare
CMS
WordPress

Third-party hosts loaded (1)

  • js.hs-scripts.com×2

Social

Registration

Registrar
GoDaddy.com, LLC
Created
2002-07-01
Expires
2026-07-01 43 days left
Updated
2025-06-30
Name servers
  • elias.ns.cloudflare.com
  • josephine.ns.cloudflare.com

DNS records live

NS
  • elias.ns.cloudflare.com
  • josephine.ns.cloudflare.com
MX
  • 10 aspmx.l.google.com
  • 20 alt1.aspmx.l.google.com
  • 20 alt2.aspmx.l.google.com
  • 30 alt3.aspmx.l.google.com
  • 30 alt4.aspmx.l.google.com
TXT
Show 5 TXT records
  • google-site-verification=9M8a5qmcDmoRL8XQ3zp-SZz0EUPcF1yLSHCDL-t0jhs
  • google-site-verification=DBK3IABIbPNPsNxsOiR2rG3HYPWzPvj7rB4UWit5oHQ
  • google-site-verification=UAgFmr5O_InR3bmL6VnctVLOnL7g4rWN22cDwvhgiZA
  • google-site-verification=wtk8py0s7oDcBPymCnc1uyndY4iye-Upo1ciAzxQ4eA
  • apple-domain-verification=f8W9VZ6uB33EmGK9

Email authentication partial

SPF
v=spf1 include:_spf.google.com include:spf.mandrillapp.com include:mail.zendesk.com include:24327641.spf06.hubspotemail.net ~all
softfail (~all)
DMARC
v=DMARC1; p=none; rua=mailto:df3b98ca2c7841aea683a6cc5240416c@dmarc-reports.cloudflare.net
policy: none (monitoring only)
DKIM
  • google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4Ax9U5vge2bv8M5P8g1w+djnl3/dgwXxqepaax1majaAHHGUzwmai6sojRABNJ2hQhL7nyzCRhoKW2l7j2m…
selectors probed

Certificate (current)

WE1
from 2026-04-11 to 2026-07-10
Expires in 52 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://waitwhat.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
sameorigin
permissions-policy
accelerometer=(self "https://www.youtube.com"), ambient-light-sensor=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self "https://www.youtube.com" "https://embed-cdn.spotifycdn.com"), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self "https://www.youtube.com"), geolocation=(), gyroscope=(self "https://www.youtube.com"), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(self "https://js.stripe.com"), picture-in-picture=(self "https://www.youtube.com"), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-eval' *.cloudflareinsights.com *.youtube.com *.doubleclick.net *.licdn.com *.adtrafficquality.google *.googlesyndication.com *.workable.com *.cloudfront.net *.clarity.ms *.hotjar.com *.hsadspixel.net *.hubspot.com *.hsforms.net *.hsforms.com *.hs-scripts.com *.hs-analytics.net *.hscollectedforms.net *.hs-banner.com *.art19.com *.hellowaitwhat.com *.facebook.net *.facebook.com *.google-analytics.com *.google.com *.googletagmanager.com *.firebaseapp.com *.stripe.com *.tinypass.com *.cloudfunctions.net https://ausi.github.io/ *.twitter.com 'sha256-cU4OTpsuisE/RgysBGeMmZipcdnzg1Jy4A59OO+/PBw=' 'sha256-bMTESW9hEQ+7NIw+F0ql6ihmNczfsRcvvel3nLwWsrE=' 'sha256-LFHbZ8bfRwJUQDsNK2cFv+qXu1xmOw8ewfzkEWzmQy8='; font-src 'self' *.art19.com data: *.hellowaitwhat.com *.gstatic.com; img-src 'self' data: *.linkedin.com *.adtrafficquality.google *.googlesyndication.com *.ytimg.com https://images.squarespace-cdn.com *.bing.com *.clarity.ms *.hsforms.net *.hsfor
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (10)

Linked from (4)