givenola.org

.org crawl

First seen 2026-05-02 · Last seen 2026-05-15 · ok HTTP/1.1 200 4250 ms crawled 2026-05-09

US · 209.17.116.163 · AS19871 Network Solutions, LLC

Reputation 75/100 wrong cert

sector nonprofit type homepage

HTML metadata

Title: GiveNOLA Day
Description: Give on GiveNOLA Day, the Greater New Orleans Foundation’s annual online giving event supporting nearly 1,000 local nonprofits across Southeast Louisiana.
Language: en
Canonical: http://www.givenola.org/

Open Graph

url: http://www.givenola.org/
title: GiveNOLA Day | Greater New Orleans Foundation's Annual Regional Giving Day
site name: GiveNOLA Day
description: Give on GiveNOLA Day, the Greater New Orleans Foundation’s annual online giving event supporting nearly 1,000 local nonprofits across Southeast Louisiana.

Technology

Fonts

Google Fonts

Third-party hosts loaded (6)

static-prod.mightycause.com×33
imagecdn.mightycause.com×6
cdn-images.mailchimp.com×3
fonts.googleapis.com×2
fonts.gstatic.com×1
kit.fontawesome.com×1

Social

Contact

Phone

(504) 598-4663

Address

St. Charles Ave. New Orleans, LA 70130

Registration

Registrar

Network Solutions, LLC

Created

2013-12-12

Expires

2026-12-12 207 days left

Updated

2026-01-14

Name servers

ns51.worldnic.com
ns52.worldnic.com

DNS records live

NS

ns51.worldnic.com
ns52.worldnic.com

Email authentication no MX

SPF

not published

DMARC

v=DMARC1; p=none;

policy: none (monitoring only)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3y2AXRbKgVIG9Av7RX/gzQ8VnXL35w8aswLtNHiSCVIP05AuNBNqhZrJWPt+qutkkxyuFl8jWiTh7Q79b…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVYuYfrvRTlMBNazco1LRzDT3lwHg+lOM58o5gewHezA53AqHDrsLKpdLTTqRE8Q/10GYTSLN3DyDdN5RC0C5hei…

selectors probed

Certificate (current) wrong cert

Sectigo RSA Domain Validation Secure Server CA

from 2021-08-12 to 2022-09-13

Expired 1344 days ago

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.givenola.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=*, camera=*, cross-origin-isolated=(self), fullscreen=*, geolocation=*, gyroscope=(), magnetometer=(), microphone=*, clipboard-read=(self), clipboard-write=(self)
x-content-type-options: nosniff
content-security-policy: default-src https: wss: 'self' *.mightycause.com api.autopilothq.com *.braintreegateway.com cdnjs.cloudflare.com *.doubleclick.net cdn.embedly.com *.facebook.net *.facebook.com *.firebaseio.com *.fontawesome.com *.formstack.com cdn.jsdelivr.net *.kaptcha.com *.maxmind.com *.plaid.com *.paypal.com *.paypalobjects.com *.segment.com *.segment.io *.stripe.com *.surveymonkey.com *.uploadcare.com ucarecdn.com *.youtube.com *.vimeo.com *.awswaf.com *.flockler.com *.hsforms.net *.thefamousgroup.com *.visualwebsiteoptimizer.com app.vwo.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com d2c6wt5h92c1t2.cloudfront.net da3a5jhrzfmu8.cloudfront.net; script-src https: 'self' 'unsafe-eval' 'unsafe-inline' blob: nimbleswan.io static.tagboard.com *.mightycause.com api.autopilothq.com *.braintreegateway.com cdnjs.cloudflare.com *.doubleclick.net cdn.embedly.com *.facebook.net *.facebook.com *.firebaseio.com *.fontawe
strict-transport-security: max-age=7776000