malala.org

HTML metadata

Title: Malala Fund
Description: Founded by student and Nobel laureate Malala Yousafzai, Malala Fund invests in girls' education programmes to help girls go to school and reach their full potential.
Language: en-US

Technology

CDN: Amazon CloudFront
Server: Heroku
CMS: Gatsby

Analytics

Google Analytics
Google Tag Manager

Fonts

Adobe Fonts
Google Fonts

Third-party hosts loaded (9)

images.ctfassets.net×45
images.contentful.com×2
use.typekit.net×2
fonts.googleapis.com×1
fonts.gstatic.com×1
kit.fontawesome.com×1
q.stripe.com×1
www.google-analytics.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

NameCheap, Inc.

Created

2011-12-28

Expires

2026-12-28 223 days left

Updated

2023-12-04

Name servers

ns-1130.awsdns-13.org
ns-14.awsdns-01.com
ns-1894.awsdns-44.co.uk
ns-795.awsdns-35.net

DNS records live

NS

ns-1130.awsdns-13.org
ns-14.awsdns-01.com
ns-1894.awsdns-44.co.uk
ns-795.awsdns-35.net

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 9 TXT records

apple-domain-verification=OjWSHiIJrQccFQ6wuDDuz0c6l3N5jsNK55mi2dJFKlQ
facebook-domain-verification=ibqeiw7vuq2rbv4x2mo20znzoy9uco
google-site-verification=-H5z3ms0H-06IV7aLpk_nZtQ6UydRt4A0Ks0ciBUZZA
google-site-verification=-mbxDDji3wUZikKEGxLeiavBEUHHPQFYQ8xtojlBtLQ
google-site-verification=cc7W0RwTb5okpruFqBPJ7M5BiidkjvEbP6Dk_Nz3mvg
google-site-verification=kaahyOF3NohLeGHVinfUmH1G84Jh-8zoDxSa60eoutg
google-site-verification=mRMR8zStfdZc5ma1rLmO4DFG76BhTZISUMW19CHHGow
google-site-verification=wC1xPoAZoj1GZa-XmagacYkm8OpVCzZWnAmt-b5kUyo
zendeskverification.malalafund.org set to c9d864a62c729690 v=spf1 include:mail.zendesk.com ?all

Email authentication strong

SPF

v=spf1 ip4:74.121.51.128 ip4:35.167.85.74 include:_spf.google.com include:spf.mandrillapp.com include:servers.mcsv.net -all

strict (-all)

DMARC

v=DMARC1; p=reject;adkim=r;aspf=r;pct=100;rua=mailto:dmarc_agg@vali.email;

policy: reject (enforced)

DKIM

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCCl386OfU1HPP8jXwKCyOxEwqcoGblSe7rWiZUoT6aHWccR46KjLh2SFdR+YR8LJHJ4ATVvqswjq1m87yFHy…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Amazon RSA 2048 M01

from 2025-12-09 to 2027-01-07

Expires in 233 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://malala.org/

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

missing HSTS
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; media-src 'self' ws://localhost:3035 localhost:3035 *.ctfassets.net malala.org *.malala.org *.youtube.com www.youtube.com *.twimg.com; font-src *.fontawesome.com doublethedonation.com localhost:8080 *.doublethedonation.com *.typekit.net *.googleapis.com *.cognitoforms.com *.gstatic.com cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com www.bugherd.com d2iiunr5ws5ch1.cloudfront.net 'self' data:; img-src * malala.org ws://localhost:3035 localhost:3035 *.malala.org 'self' data:; object-src 'none'; script-src malala.org *.malala.org *.gtm.js ws://localhost:3035 localhost:3000 localhost:3035 *.googleapis.com *.googletagmanager.com tagmanager.google.com *.google-analytics.com optimize.google.com doublethedonation.com *.doublethedonation.com *.bugsnag.com *.consensu.org *.givelively.org *.stripe.com *.paypal.com *.cognitoforms.com *.plaid.com *.google.com *.gstatic.com *.youtube.com *.vimeo.com *.typeform.com *.typekit.net *.website-files.com d3e54v103j8qbb.cloudf