indexo.dev

impactpathfinder.org

.org crawl

First seen 2026-04-20 · Last seen 2026-05-13 · ok HTTP/1.1 200 2494 ms crawled 2026-05-13

US · 104.18.7.102 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
CGAP | Impact Pathways Platform
Description
The Impact Pathfinder, developed by CGAP, shows how financial inclusion contributes to global development, drawing from over 600 carefully curated research studies.
Language
en

Technology

CMS
Next.js
Social widgets
  • YouTube Embed

Third-party hosts loaded (2)

  • www.youtube.com×2
  • assets.adobedtm.com×1

Social

Contact

Address
1818 H Street, NWMSN F3K-306Washington, DC 20433

Registration

Registrar
Amazon Registrar, Inc.
Created
2024-08-14
Expires
2033-08-14 2643 days left
Updated
2026-05-06
Name servers
  • ns-1281.awsdns-32.org
  • ns-152.awsdns-19.com
  • ns-1768.awsdns-29.co.uk
  • ns-890.awsdns-47.net

DNS records live

NS
  • ns-1281.awsdns-32.org
  • ns-152.awsdns-19.com
  • ns-1768.awsdns-29.co.uk
  • ns-890.awsdns-47.net

Email authentication no MX

SPF
v=spf1 -all
strict (-all)
DMARC
v=DMARC1; p=reject; ruf=mailto:dmarc@worldbankgroup.org
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

Cloudflare TLS Issuing ECC CA 1
from 2026-04-02 to 2026-10-18
Expires in 152 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.impactpathfinder.org/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://aia-cgap-backend-secure-production.up.railway.app https://cgapdevapi.think201.xyz https://api.impactpathfinder.org https://chatapi.impactpathfinder.org https://www.youtube.com/ https://cgapapi.think201.xyz https://aia-cgap-backend-secure-staging.up.railway.app https://redlof-cgap.s3.ap-south-1.amazonaws.com/; script-src 'self' 'nonce-NjA3MTM0ZDAtNGM1OS00OTI1LWFkYTQtMjExODFhMWZhZmU3' 'strict-dynamic' https: http: 'unsafe-inline' ; style-src 'self' 'unsafe-inline'; img-src 'self' blob: data: https: http:; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests;
strict-transport-security
max-age=31536000; includeSubDomains; preload

Links to (6)

Linked from (1)