givelocalnrv.org

.org crawl

First seen 2026-04-30 · Last seen 2026-05-20 · ok HTTP/1.1 200 3888 ms crawled 2026-05-08

US · 198.49.23.144 · AS53831 Squarespace, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: GiveLocalNRV
Description: The 2026 GiveLocalNRV Giving Day kicks off at noon on Wed., 6/24. Support your favorite New River Valley community organizations with a donation of $5 or more!
Language: en
Canonical: http://www.givelocalnrv.org/

Open Graph

url: http://www.givelocalnrv.org/
title: 2026 GiveLocalNRV Giving Day Homepage
site name: GiveLocalNRV
description: Celebrate the 13th GiveLocalNRV Giving Day with us! The 2026 giving day will kick off at noon on Wednesday, June 24 and run until noon on Thursday, June 25. Support your favorite New River Valley community organizations with a donation of $5 or more!

Technology

Fonts

Google Fonts

Third-party hosts loaded (5)

static-prod.mightycause.com×31
imagecdn.mightycause.com×7
fonts.googleapis.com×2
fonts.gstatic.com×1
kit.fontawesome.com×1

Social

Registration

Registrar

Squarespace Domains II LLC

Created

2019-09-04

Expires

2026-09-04 106 days left

Updated

2025-08-25

Name servers

ns-cloud-b1.googledomains.com
ns-cloud-b4.googledomains.com
ns-cloud-b2.googledomains.com
ns-cloud-b3.googledomains.com

DNS records live

NS

ns-cloud-b1.googledomains.com
ns-cloud-b2.googledomains.com
ns-cloud-b3.googledomains.com
ns-cloud-b4.googledomains.com

Email authentication no MX

SPF: not published
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

R13

from 2026-03-22 to 2026-06-20

Expires in 30 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.givelocalnrv.org

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=*, camera=*, cross-origin-isolated=(self), fullscreen=*, geolocation=*, gyroscope=(), magnetometer=(), microphone=*, clipboard-read=(self), clipboard-write=(self)
x-content-type-options: nosniff
content-security-policy: default-src https: wss: 'self' *.mightycause.com api.autopilothq.com *.braintreegateway.com cdnjs.cloudflare.com *.doubleclick.net cdn.embedly.com *.facebook.net *.facebook.com *.firebaseio.com *.fontawesome.com *.formstack.com cdn.jsdelivr.net *.kaptcha.com *.maxmind.com *.plaid.com *.paypal.com *.paypalobjects.com *.segment.com *.segment.io *.stripe.com *.surveymonkey.com *.uploadcare.com ucarecdn.com *.youtube.com *.vimeo.com *.awswaf.com *.flockler.com *.hsforms.net *.thefamousgroup.com *.visualwebsiteoptimizer.com app.vwo.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com d2c6wt5h92c1t2.cloudfront.net da3a5jhrzfmu8.cloudfront.net; script-src https: 'self' 'unsafe-eval' 'unsafe-inline' blob: nimbleswan.io static.tagboard.com *.mightycause.com api.autopilothq.com *.braintreegateway.com cdnjs.cloudflare.com *.doubleclick.net cdn.embedly.com *.facebook.net *.facebook.com *.firebaseio.com *.fontawe
strict-transport-security: max-age=7776000