workhands.com

HTML metadata

Title: Apprenticeship, simplified | WorkHands
Description: WorkHands makes running an apprenticeship easier - tracking on-the-job training (OJT), related instruction, and more.
Canonical: https://workhands.com/

Open Graph

url: https://workhands.com/
title: Apprenticeship, simplified | WorkHands
locale: en_US
site name: WorkHands
description: WorkHands makes running an apprenticeship easier - tracking on-the-job training (OJT), related instruction, and more.
locale:alternate: es_US

Technology

Server: webserver
CMS: Gatsby

Analytics

Google Tag Manager

Fonts

Google Fonts

Third-party hosts loaded (5)

workhands-production.s3.us-west-2.amazonaws.com×14
fonts.googleapis.com×4
cdn.slaask.com×1
maps.googleapis.com×1
www.googletagmanager.com×1

Social

Contact

Email

support@workhands.com

Address

Registration

Registrar

GoDaddy.com, LLC

Created

2006-01-30

Expires

2027-01-30 255 days left

Updated

2026-01-31

Name servers

ns-1430.awsdns-50.org
ns-1817.awsdns-35.co.uk
ns-321.awsdns-40.com
ns-619.awsdns-13.net

DNS records live

NS

ns-1430.awsdns-50.org
ns-1817.awsdns-35.co.uk
ns-321.awsdns-40.com
ns-619.awsdns-13.net

MX

10 aspmx.l.google.com
20 alt1.aspmx.l.google.com
30 alt2.aspmx.l.google.com
40 aspmx2.googlemail.com
50 aspmx3.googlemail.com

TXT

v=DMARC1; p=reject; pct=100; rua=mailto:info@workhands.com
google-site-verification=9Lg-8eWGaADmewcI7KWreP8GJebbveBGDS7KMeTU8dI
google-site-verification=_TBJjCxs7iUpDUOqybHoMo3uI4mqSpm6oCsjElmdg-c

Email authentication weak

SPF

v=spf1 include:datadrivenemail.com include:u301684.wl.sendgrid.net ~all

softfail (~all)

DMARC

not published

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzdDJGmQ5kA9sjuPbDi6pjpEiU0J/Cwehsy4H9QyUAsmekP1/3VscTKUemWsiKLe7wAjPeNKux+Z4jLN2w…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnxQaxY2ETcTHTjwP/3Ey9JGKbPIQpIzAwxq/gxBebNp9+rFQiGzJIK9MLFjuPiuBq5CmlQhWgS30eBDuVCPGO53…

selectors probed

Certificate (current)

Amazon RSA 2048 M01

from 2025-10-14 to 2026-11-13

Expires in 177 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://workhands.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(), microphone=(), camera=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=(), payment=(), midi=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: default-src 'self';script-src 'self' 'unsafe-inline' maps.googleapis.com cdn.slaask.com www.googletagmanager.com www.google.com www.youtube.com www.gstatic.com assets.calendly.com us-assets.i.posthog.com *.pusher.com;connect-src 'self' *.workhands.com *.s3.us-west-2.amazonaws.com us.i.posthog.com us.posthog.com us-assets.i.posthog.com api.rollbar.com app.polaria.ai maps.googleapis.com www.google-analytics.com analytics.google.com stats.g.doubleclick.net td.doubleclick.net login.microsoftonline.com slaask.com cdn.slaask.com www.google.com calendly.com wss://*.pusher.com wss://*.pusherapp.com *.pusher.com noembed.com;style-src 'self' 'unsafe-inline' fonts.googleapis.com assets.calendly.com cdn.polaria.ai;font-src 'self' fonts.gstatic.com cdn.polaria.ai data:;img-src 'self' data: blob: https:;media-src 'self' data: blob: https:;frame-src 'self' www.youtube.com youtube.com calendly.com www.google.com login.microsoftonline.com *.amazonaws.com;object-src 'none';base-uri 'self';form-action 's
strict-transport-security: max-age=15552000; includeSubDomains
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site

Links to (4)

Linked from (1)

bricklayers.org×1