cwci.org

.org crawl

First seen 2026-04-23 · Last seen 2026-05-17 · ok HTTP/1.1 200 24412 ms crawled 2026-05-17

US · 141.193.213.10 · AS209242 Cloudflare London, LLC

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title

California Workers' Compensation Institute

Description

The California Workers' Compensation Institute was incorporated in 1964 as a private, nonprofit organization of insurers and self-insured employers dedicated to improving the California workers' compensation system through research, education, information and representation.

Language

en-US

Canonical

https://www.cwci.org/

Feeds

Open Graph

url: https://www.cwci.org
title: Home
locale: en_US
site name: California Workers' Compensation Institute
description: The California Workers' Compensation Institute was incorporated in 1964 as a private, nonprofit organization of insurers and self-insured employers dedicated to improving the California workers' compensation system through research, education, information and representation.

Technology

CDN: Cloudflare
CMS: WordPress

Third-party hosts loaded (1)

www.google.com×2

Contact

Email

Phone

(510) 251-9470

Registration

Registrar

Network Solutions, LLC

Created

1996-02-26

Expires

2034-02-27 2840 days left

Updated

2024-03-03

Name servers

ns1.amer.net
ns2.amer.net

DNS records live

NS

ns1.amer.net
ns2.amer.net
ns3.amer.net

MX

0 mx1-us1.ppe-hosted.com
0 mx2-us1.ppe-hosted.com

TXT

MS=ms38975176
MS=ms45707102

Email authentication partial

SPF: v=spf1 a:dispatch-us.ppe-hosted.com include:spf.protection.outlook.com include:_spf.google.com ip4:209.21.66.113 -all
strict (-all)
DMARC: v=DMARC1; p=none; pct=100; rua=mailto:re+pz7pmungi1h@dmarc.postmarkapp.com; sp=none; aspf=r;
policy: none (monitoring only) · sp=none
DKIM: no key found at common selectors

Certificate (current)

from 2026-05-17 to 2026-08-15

Expires in 88 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://www.cwci.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(), camera=(), microphone=()
x-content-type-options: nosniff
content-security-policy: default-src 'self' https: data: blob: 'unsafe-inline' 'unsafe-eval';
strict-transport-security: max-age=31536000; includeSubDomains

Linked from (2)

joepaduda.com×2
managedcarematters.com×1