indexo.dev

waterstonespa.com

.com crawl

First seen 2026-04-16 · Last seen 2026-05-11 · ok HTTP/1.1 200 2690 ms crawled 2026-05-11

US · 162.159.134.42 · AS13335 Cloudflare, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

sector health type landing page

HTML metadata

Title
Home - Waterstone Spa
Language
en-US
Generator
WordPress 6.9.4
Canonical
https://www.waterstonespa.com/
Feeds

Open Graph

url
https://www.waterstonespa.com/
title
Home - Waterstone Spa
locale
en_US
site name
Waterstone Spa
description
Rejuvenate your mind and restore your body. Welcome to Waterstone Spa.

Technology

CDN
Cloudflare
CMS
WordPress
Analytics
  • Google Analytics
  • Google Tag Manager

Third-party hosts loaded (3)

  • www.facebook.com×1
  • www.google-analytics.com×1
  • www.googletagmanager.com×1

Social

Contact

Phone

Registration

Registrar
eNom, LLC
Created
2003-10-20
Expires
2028-10-20 883 days left
Updated
2025-09-30
Name servers
  • ns.rackspace.com
  • ns2.rackspace.com

DNS records live

NS
  • dns1.stabletransit.com
  • dns2.stabletransit.com
MX
  • 0 waterstonespa-com.mail.protection.outlook.com
TXT
  • tEVJIQG8FOrOcv+IS1MnosBP3DohmwhMYF6htQf/v8NXVixv+zc1emfsOTccUuXfn5GASShw6z8nJdzt75z2AQ==
  • 5JZtCB3htgMR8GmWM5Ca7yhTBgJ4smzxXiwnIFx6buTMJnMyvkaz4f+vBwxr0/pweNz9I81aQIVh9rRVSjsGUg==
Verified for
  • Microsoft 365

Email authentication partial

SPF
v=spf1 ip4:207.55.226.97/29 ip4:216.115.2.24/29 ip4:24.216.242.120/29 include:spf.protection.outlook.com -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:rua@neumanhotelgroup.com; ruf=mailto:ruf@neumanhotelgroup.com; fo=1
policy: none (monitoring only)
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtm6MqDM6I/nGlAxvdN7jF+uisrneyEE/HQwAi4k5dqkVv1b349KYqDxUB3NadmbCJM57SATWO0xmg3ACJdn…
selectors probed

Certificate (current)

WE1
from 2026-04-20 to 2026-07-19
Expires in 60 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://www.waterstonespa.com/

present
  • x-content-type-options
  • permissions-policy
findings
  • missing HSTS
  • missing Content Security Policy
  • missing frame protection
  • missing Referrer Policy
Header values
permissions-policy
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")
x-content-type-options
nosniff

Links to (9)

Linked from (2)