mwfbi.com

.com crawl

First seen 2026-05-11 · Last seen 2026-05-14 · ok HTTP/1.1 200 5264 ms crawled 2026-05-16

US · 150.171.109.35 · AS8075 Microsoft Corporation

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Mountain West Insurance
Description: Mountain-West Insurance
Language: en

Technology

CDN: Azure Front Door
CMS: Gatsby

Fonts

Google Fonts

Third-party hosts loaded (6)

cdn.quilljs.com×2
fonts.googleapis.com×2
code.jquery.com×1
fonts.gstatic.com×1
maps.googleapis.com×1
portalone.processonepayments.com×1

Registration

Registrar

GoDaddy.com, LLC

Created

1999-04-07

Expires

2028-02-16 638 days left

Updated

2026-02-17

Name servers

ns1-04.azure-dns.com
ns2-04.azure-dns.net
ns3-04.azure-dns.org
ns4-04.azure-dns.info

DNS records live

NS

ns1-04.azure-dns.com
ns2-04.azure-dns.net
ns3-04.azure-dns.org
ns4-04.azure-dns.info

MX

0 mwfbi-com.mail.protection.outlook.com

TXT

docusign=e5f9e699-3ff1-4448-8353-5cd420ac424f
MS=ms50368737
SvREzWTRm2gaal0IsV06wmqC+TD1oGtcRQUQ7S+0A3TeU0bTx0V/mDgIwJYmJ4brAwd9Q8UubE2EaqOf2FwOvA==

Email authentication weak

SPF

v=spf1 include:spf.protection.outlook.com include:amazonses.com -all

strict (-all)

DMARC

not published

DKIM

selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbIeDuCV2xSZVrRwOPqPXFLVNRK/31It/Qp0aXph3AW37F36lRZktxdz8wuoA2bPdRU6a+IJj7RDbsLmGo8y…

selectors probed

Certificate (current)

Go Daddy Secure Certificate Authority - G2

from 2026-01-12 to 2027-01-24

Expires in 250 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://mwfbi.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(), interest-cohort=(), accelerometer=*
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://www.mwfbi.com https://mwb2cprod.azurewebsites.net https://mwfweb.azurewebsites.net;script-src 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://code.jquery.com https://stgportalone.processonepayments.com https://portalone.processonepayments.com https://maps.googleapis.com https://cdn.quilljs.com 'self' https://www.mwfbi.com https://mwb2cprod.azurewebsites.net https://mwfweb.azurewebsites.net;style-src 'unsafe-inline' https://fonts.googleapis.com https://cdn.quilljs.com https://fonts.googleapis.com https://www.google-analytics.com https://use.fontawesome.com 'self' https://www.mwfbi.com https://mwb2cprod.azurewebsites.net https://mwfweb.azurewebsites.net;frame-src https://portalone.processonepayments.com https://stgportalone.processonepayments.com https://www.google.com https://www.youtube.com 'self' https://www.mwfbi.com https://mwb2cprod.azurewebsites.net https://mwfweb.azurewebsites.net;font-src *.cloudflare.com https://*.
strict-transport-security: max-age=31536000; includeSubDomains; preload

Linked from (1)

acorn.works×1