indexo.dev

unitedwaystore.com

.com crawl

First seen 2026-05-05 · Last seen 2026-05-05 · ok HTTP/1.1 200 1079 ms crawled 2026-05-12

US · 45.223.146.37 · AS19551 Incapsula Inc

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
United Way
Language
en
Canonical
https://unitedwaystore.com/

Technology

Analytics
  • Google Tag Manager

Third-party hosts loaded (2)

  • spponeimages.azureedge.net×11
  • www.googletagmanager.com×1

Registration

Registrar
GoDaddy.com, LLC
Created
2001-07-10
Expires
2027-07-10 417 days left
Updated
2026-04-28
Name servers
  • ns47.domaincontrol.com
  • ns48.domaincontrol.com

DNS records live

NS
  • ns47.domaincontrol.com
  • ns48.domaincontrol.com
MX
  • 0 smtp.secureserver.net
  • 10 mailstore1.secureserver.net
TXT
  • 14638f42-a17d-4233-a598-a82b2df88f9c
  • b3d486d3-17a9-43aa-a339-9836daedfa3e

Email authentication weak

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

Go Daddy Secure Certificate Authority - G2
from 2026-03-05 to 2026-09-19
Expires in 124 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://unitedwaystore.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.artifi.net *.attentivemobile.com *.attn.tv *.azureedge.net *.bing.com *.btttag.com *.cloudfront.net *.contentsquare.com *.contentsquare.net *.corpmerchandise.com *.demdex.net *.dynamicyield.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.inside-graph.com *.issuu.com *.jquery.com *.lightboxcdn.com *.marketo.com *.marketo.net *.newrelic.com *.nr-data.net *.oppwa.com *.qualtrics.com *.retentionscience.com *.schemaapp.com *.staples-static.com *.staples.com *.staplespromo.com *.trustarc.com *.turnto.com *.turnto.eu *.zmags.com cdnjs.cloudflare.com connect.facebook.net googleads.g.doubleclick.net https://*.kaptcha.com https://*.kore.ai/ https://apis.google.com/ https://assets.adobedtm.com/ https://dy-api.com https://eu-test.oppwa.com/ https://jsonip.com https://qe14.staplesadvantage.com/ lightboxapi.azurewebsites.net wac.edgecast.net wss://*.kore.ai/;
strict-transport-security
max-age=31536000;includeSubDomains;preload;redirectHttpToHttps

Links to (4)

Linked from (1)