watershed.co.uk

.uk crawl dns

First seen 2026-04-12 · Last seen 2026-05-16 · ok HTTP/1.1 200 1571 ms crawled 2026-05-04

GB · 185.80.133.137 · AS201261 The Watershed Arts Trust Ltd

Reputation 100/100

Classifying

HTML metadata

Title: Watershed | Cultural cinema, talent development and creative technology in Bristol
Description: Watershed is a cultural cinema, creative technology studio, venue hire space, café & bar, and talent development facilitator, located on Bristol’s historic harbourside.
Language: en
Generator: Drupal 10 (https://www.drupal.org)
Canonical: https://www.watershed.co.uk/

Open Graph

site name: Watershed

Technology

Server: Apache
CMS: Drupal

Analytics

Google Tag Manager

Third-party hosts loaded (2)

challenges.cloudflare.com×1
www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar

Watershed Arts Trust Ltd t/a Watershed Media Centre

Created

1997-03-13

Expires

2028-03-13 663 days left

Updated

2024-12-11

Name servers

ns1.he.net.
ns1.watershed.co.uk.
ns2.watershed.co.uk.
ns3.watershed.co.uk.

DNS records live

NS

ns1.he.net
ns1.watershed.co.uk
ns2.watershed.co.uk
ns3.watershed.co.uk

MX

10 watershed-co-uk.mail.protection.outlook.com

TXT

Show 7 TXT records

sophos-domain-verification=a351cd1d8f9bfd51e4a9aa33f80c94cda0ee9eb6603636f58a4d5361826af6c0
airtable-verification=052c2b45264c2ebf7fed3a158d374072
google-site-verification=5MV9y_i8L-BaVqnLRVfnbB-skYPLi_70wVsNhqe9-yQ
MS=ms85272444
have-i-been-pwned-verification=5fe9c8eecc3f8dda773265e1028ca616
apple-domain-verification=CmjCGJbcM2iazNuQ
v=spf1 a mx ip4:185.80.133.3 ip4:185.80.133.4 include:cmail1.com include:servers.mcsv.net include:spf.protection.outlook.com include:spf.mandrillapp.com include:mail.keyivr.co.uk ~all

Certificate (current)

E8

from 2026-03-12 to 2026-06-10

Expires in 21 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.watershed.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=(self "https://apps.watershed.co.uk"), bluetooth=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(self "https://www.youtube.com" "https://apps.watershed.co.uk"), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=(self "https://www.youtube.com" "https://apps.watershed.co.uk"), publickey-credentials-get=(), screen-wake-lock=(), serial=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'none'; connect-src 'self' https://www.googletagmanager.com https://*.google-analytics.com https://*.analytics.google.com https://pagead2.googlesyndication.com https://www.google.com https://www.google.co.uk https://www.googleadservices.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net; font-src 'self'; frame-src 'self' https://www.googletagmanager.com https://challenges.cloudflare.com; img-src 'self' https://apps.watershed.co.uk/shared/imagecache/ https://apps.watershed.co.uk/shared/uploads/ https://*.google-analytics.com https://www.googletagmanager.com https://pagead2.googlesyndication.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://www.googleadservices.com data:; media-src 'self'; script-src 'self' 'report-sample' https://challenges.cloudflare.com 'unsafe-inline' 'nonce-qpoRdACcG+lxguwh2AREKk59' 'strict-dynamic'; style-src 'self' 'report-sample'; worker-src 'none'; base-uri 'none'; frame-ancestors 'se
strict-transport-security: max-age=2592000;includeSubDomains

Links to (9)

Linked from (11)