oa-scouting.org

.org crawl

First seen 2026-04-19 · Last seen 2026-05-19 · ok HTTP/1.1 200 4407 ms crawled 2026-05-13

US · 67.227.156.76 · AS32244 Liquid Web, L.L.C

Reputation 94/100 dmarc monitor-only

sector nonprofit type homepage

HTML metadata

Title: Order of the Arrow - Scouting America
Description: Official website of the Order of the Arrow - Scouting's National Honor Society.
Language: en
Generator: Drupal 11 (https://www.drupal.org)
Canonical: https://oa-scouting.org/

Open Graph

url: https://oa-scouting.org/node
title: Home
site name: Order of the Arrow, Scouting America

Technology

Server: Apache
CMS: Drupal

Analytics

Google Tag Manager

Fonts

Adobe Fonts

Third-party hosts loaded (5)

cdnjs.cloudflare.com×6
use.typekit.net×3
code.jquery.com×1
js.createsend1.com×1
www.googletagmanager.com×1

Social

Contact

Phone

972-580-2438

Address

st Walnut Hill LaneP.O. Box 15207

Registration

Registrar

MarkMonitor Inc.

Created

2024-07-03

Expires

2026-07-03 44 days left

Updated

2024-07-08

Name servers

ns.liquidweb.com
ns1.liquidweb.com

DNS records live

NS

ns.liquidweb.com
ns1.liquidweb.com

MX

1 aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 6 TXT records

atlassian-domain-verification=ARtLCfKAMvEDntnGACRAMRd4i5BRwA2Hn0pIJjWlLlbXTgp0pIEQYXyJCQdbgoQx
google-site-verification=QkeZsG-eGe61XNk94ye-kFpXNO3TbA69XARz0TeD3cg
status-page-domain-verification=f27jv19k5sp5
google-site-verification=coSiKWnkS9xyaR5QdTuHgs22NjU1oOXHsibr0XRFCYA
google-site-verification=cRcuSK6-Xk_UlkGbddkXA0r2vys1PsM7l47A_un7_24
twilio-domain-verification=1f8523429bf4e5590abb291106735afb

Email authentication partial

SPF

v=spf1 +a +mx include:_spf.google.com include:stspg-customer.com include:sendgrid.net include:_spf.createsend.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc_agg@vali.email;

policy: none (monitoring only)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1C12Y5VKCuMW25m9ErM3GcPwtaq0QIJpwY1NngbOculF/ezi6GV2rFp+Vv5AuHjeMU+qeSVboOLcQe…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AAiyIL/CWW4rN1ngcgmN7/gC7UWAhva+gLmR6XfOSCPWJftOsJdE1m7lv6CnJkWyETJrCOjmT476wqtfz…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3Ul7JLPoYK2nWfIpePSSBQm49PFL4ucp9CgR6XKKfUFJlm08aJqdep1nl8OcG7CD+GjfiFb8V2HbGVeq5ogp3xB…

selectors probed

Certificate (current)

RapidSSL TLS RSA CA G1

from 2025-09-26 to 2026-09-26

Expires in 129 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://oa-scouting.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src https: http://history.oa-bsa.org data: 'unsafe-inline' 'unsafe-eval' placehold.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.oa-bsa.org *.oa-scouting.org www.google-analytics.com unpkg.com cdn.jsdelivr.net www.googletagmanager.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com use.typekit.com www.google.com use.typekit.net code.jquery.com stackpath.bootstrapcdn.com www.gstatic.com cdn.knightlab.com cdnjs.cloudflare.com static.addtoany.com api.instagram.com www.instagram.com ajax.googleapis.com maps.googleapis.com connect.facebook.net platform.twitter.com cdn.jsdelivr.net *.createsend1.com; style-src 'self' 'unsafe-inline' *.oa-bsa.org *.oa-scouting.org unpkg.com fonts.googleapis.com cdn.knightlab.com cdn.jsdelivr.net stackpath.bootstrapcdn.com use.typekit.net p.typekit.net cdnjs.cloudflare.com; connect-src 'self' www.google-analytics.com *.hotjar.com unpkg.com *.hotjar.io wss://*.hotjar.com use.typekit.com cdn.jsdelivr.net www.google.com use.typekit
strict-transport-security: max-age=31536000;

Links to (9)

Linked from (2)

jonhillis.com×2
tecumseh65.org×1