indexo.dev

nhd.org

.org crawl

First seen 2026-05-21 · Last seen 2026-05-30 · ok HTTP/1.1 200 2012 ms crawled 2026-05-28

US · 104.21.92.242 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Home - National History Day
Description
National History Day forms thoughtful citizens and confident teachers by improving the teaching and learning of history.
Language
en-US
Generator
WordPress 7.0
Canonical
https://nhd.org/en/
Translations
  • en ×2
  • es ×2
  • pl ×2
  • zh ×2
  • ar
Feeds

Open Graph

url
https://nhd.org/en/
title
National History Day
locale
en_US
site name
National History Day
description
National History Day forms thoughtful citizens and confident teachers by improving the teaching and learning of history.

Technology

CDN
Cloudflare
CMS
WordPress 7.0
jQuery
1.12.4 known XSS (<3.5)
Analytics
  • Google Tag Manager

Third-party hosts loaded (6)

  • cdnjs.cloudflare.com×6
  • stats.wp.com×2
  • ajax.googleapis.com×1
  • cdn-cookieyes.com×1
  • www.facebook.com×1
  • www.googletagmanager.com×1

Social

Registration

Registrar
Network Solutions, LLC
Created
2003-04-29
Expires
2027-04-29 332 days left
Updated
2022-02-28
Name servers
  • carter.ns.cloudflare.com
  • chin.ns.cloudflare.com

DNS records live

NS
  • carter.ns.cloudflare.com
  • chin.ns.cloudflare.com
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
  • iContact1738188
Verified for
  • Google

Email authentication strong

SPF
v=spf1 ip4:64.62.178.160/28 ip4:166.70.33.32/27 include:_spf.google.com include:icpbounce.com include:shops.shopify.com a mx ~all
softfail (~all)
DMARC
v=DMARC1; p=reject; rua=mailto:dmarca@nhd.org; ruf=mailto:dmarc@nhg.org; fo=1
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

WE1
from 2026-04-09 to 2026-07-08
Expires in 38 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://nhd.org/en/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • short HSTS max-age
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • weak frame protection
  • missing Permissions Policy
Header values
referrer-policy
no-referrer-when-downgrade
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
strict-transport-security
max-age=0; includeSubDomains

Links to (10)

Linked from (2)