wsecu.org

.org crawl

First seen 2026-05-11 · Last seen 2026-05-16 · ok HTTP/1.1 200 1366 ms crawled 2026-05-16

US · 162.159.140.121 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: The Credit Union for Washington: Join Us Today
Description: We're a member-powered credit union that focuses on you and the communities that make Washington such an amazing place to call home.
Language: en-US
Canonical: https://wsecu.org/

Open Graph

url: https://wsecu.org/
title: The Credit Union for Washington: Join Us Today
site name: wsecu
description: We're a member-powered credit union that focuses on you and the communities that make Washington such an amazing place to call home.

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Third-party hosts loaded (3)

www.google.com×4
www.googletagmanager.com×2
api.glia.com×1

Social

Contact

Phone

+1.800.562.0999

DNS records live

NS

ns1.f5clouddns.com
ns2.f5clouddns.com

MX

10 wsecu-org.mail.protection.outlook.com

TXT

Show 8 TXT records

ciscocidomainverification=383a93c9eacd86affeb8de970dc82815b1b44f7f624de6779d9972db46576f09
asv=0b0fa35cf8c458a20bd4b4f06d79c89b
apple-domain-verification=8G1VkdNsTpTd2zb5
2eoeu3mut8totees55n5q3sak0
google-site-verification=xhyWh0MCPVX_Vh9nB2ACw9ys8luBWmuhLA2CQZEKEmA
04c99de4-0b47-4816-a012-c8e50d0644d4
docusign=a6a73da1-bf06-4d02-ab30-3d3bc8e36e49
MS=F876C0FBAA683C530D92BC2E8BF86E494D9708CD

Email authentication partial

SPF

v=spf1 include:1sinp2tau.spf.checkpoint-spf.com -all

strict (-all)

DMARC

v=DMARC1; p=none; rua=mailto:wsecu@us.cp-dmarc.com; ruf=mailto:wsecu@us.cp-dmarc.com,mailto:wsecu-dmarc@datafeeds.phishlabs.com

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8NN6bsBHRA+0k1PrAYKiQbdJb9Zw/ct1baFsLDtEqSj+5Ik5H+l3Su2whQUuvpnIRAyBVSOnusumurqQbcX…
selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1lyZvRpDZH9AecYY0bH1Pskvreb3kz2uPAiDdPp0x3CiwA3Bs/7l/sNZmAP0/nvYXS3W/oT35yrev78rJTe…

selectors probed

Certificate (current)

WE1

from 2026-05-04 to 2026-08-02

Expires in 76 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 65/100 Checked live page: https://wsecu.org/

present

strict-transport-security
content-security-policy
x-frame-options

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self' *.typekit.net *.googletagmanager.com *.paymentsemails.com https://s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.googleapis.com *.googletagmanager.com *.youtube-nocookie.com *.glia.com *.paymentsemails.com https://s3.amazonaws.com *.facebook.net *.clarity.ms *.adsrvr.org *.linkedin.com *.wsod.com *.doubleclick.net *.solemove.com *.instagram.com https://www.google.com https://www.gstatic.com https://snap.licdn.com *.vimeocdn.com *.vimeo.com https://libs.salemove.com; style-src 'self' 'unsafe-inline' * *.glia.com *.paymentsemails.com; connect-src 'self' *.MapsJsInternalService *.googleapis.com *.google-analytics.com *.google.com *.glia.com wss://*.glia.com *.paymentsemails.com https://s3.amazonaws.com *.clarity.ms https://l.clarity.ms *.adsrvr.org https://insight.adsrvr.org *.salemove.com wss://*.salemove.com https://px.ads.linkedin.com *.vimeo.com *.vimeocdn.com; font-src 'self' data: use.typekit.net fonts.gstatic.com *.glia.com *.pay
strict-transport-security: max-age=2592000

Links to (9)

Linked from (2)

businessimpactnw.org×1
uwpc.org×1