nwagives.org

.org crawl

First seen 2026-04-21 · Last seen 2026-05-14 · ok HTTP/1.1 200 2011 ms crawled 2026-05-14

US · 15.197.225.128 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: NWA Gives
Description: NWA Gives
Language: en
Canonical: http://www.nwagives.org/

Open Graph

url: http://www.nwagives.org/
title: NWA Gives
site name: NWA Gives

Technology

Fonts

Google Fonts

Third-party hosts loaded (5)

static-prod.mightycause.com×35
imagecdn.mightycause.com×5
fonts.googleapis.com×2
fonts.gstatic.com×1
kit.fontawesome.com×1

Social

Registration

Registrar

GoDaddy.com, LLC

Created

2018-01-30

Expires

2027-01-30 255 days left

Updated

2026-03-16

Name servers

ns49.domaincontrol.com
ns50.domaincontrol.com

DNS records live

NS

ns49.domaincontrol.com
ns50.domaincontrol.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

google-site-verification=WKDkt7zCUCMQus8w4H-2mWzSFy6esPS-YDuhyyz3LFM
google-site-verification=-_TvsXInFnylJGdejijEMyq7JcFBdyWwWYZcT-NvqYk

Email authentication weak

SPF: v=spf1 include:_spf.google.com ~all
softfail (~all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

GoDaddy TLS Intermediate CA DV - R1v1

from 2026-03-14 to 2026-09-28

Expires in 132 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.nwagives.org

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=*, camera=*, cross-origin-isolated=(self), fullscreen=*, geolocation=*, gyroscope=(), magnetometer=(), microphone=*, clipboard-read=(self), clipboard-write=(self)
x-content-type-options: nosniff
content-security-policy: default-src https: wss: 'self' *.mightycause.com api.autopilothq.com *.braintreegateway.com cdnjs.cloudflare.com *.doubleclick.net cdn.embedly.com *.facebook.net *.facebook.com *.firebaseio.com *.fontawesome.com *.formstack.com cdn.jsdelivr.net *.kaptcha.com *.maxmind.com *.plaid.com *.paypal.com *.paypalobjects.com *.segment.com *.segment.io *.stripe.com *.surveymonkey.com *.uploadcare.com ucarecdn.com *.youtube.com *.vimeo.com *.awswaf.com *.flockler.com *.hsforms.net *.thefamousgroup.com *.visualwebsiteoptimizer.com app.vwo.com *.google.com *.google-analytics.com *.googleapis.com *.gstatic.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com d2c6wt5h92c1t2.cloudfront.net da3a5jhrzfmu8.cloudfront.net; script-src https: 'self' 'unsafe-eval' 'unsafe-inline' blob: nimbleswan.io static.tagboard.com *.mightycause.com api.autopilothq.com *.braintreegateway.com cdnjs.cloudflare.com *.doubleclick.net cdn.embedly.com *.facebook.net *.facebook.com *.firebaseio.com *.fontawe
strict-transport-security: max-age=7776000

Links to (3)

Linked from (1)

sheepdogia.org×1