childhealthinitiative.org

.org crawl

First seen 2026-04-30 · Last seen 2026-05-20 · ok HTTP/1.1 200 811 ms crawled 2026-05-07

US · 162.159.140.127 · AS13335 Cloudflare, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: Child Health Initiative
Description: Advocating for Children and Adolescents
Language: en
Canonical: https://www.childhealthinitiative.org/

Open Graph

url: https://www.childhealthinitiative.org
title: Child Health Initiative
description: Advocating for Children and Adolescents

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Cookie consent

Cookiebot

Social widgets

YouTube Embed

Third-party hosts loaded (4)

consent.cookiebot.com×1
fast.fonts.net×1
www.googletagmanager.com×1
www.youtube-nocookie.com×1

Social

Registration

Registrar

Mesh Digital Limited

Created

2016-02-11

Expires

2028-02-11 631 days left

Updated

2026-03-28

Name servers

ns1.p201.dns.oraclecloud.net
ns2.p201.dns.oraclecloud.net
ns3.p201.dns.oraclecloud.net
ns4.p201.dns.oraclecloud.net

DNS records live

NS

ns1.p201.dns.oraclecloud.net
ns2.p201.dns.oraclecloud.net
ns3.p201.dns.oraclecloud.net
ns4.p201.dns.oraclecloud.net

MX

0 childhealthinitiative-org.mail.protection.outlook.com

Email authentication weak

SPF: v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-04-01 to 2026-06-30

Expires in 40 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.childhealthinitiative.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(), microphone=(), camera=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'strict-dynamic' 'nonce-kIKIAY/XVhBCox8qxZ1fPem0' *.googleapis.com *.mapbox.com 'self'; style-src 'self' data: 'unsafe-inline'; connect-src 'self' lottie.host *.mapbox.com *.googleapis.com *.google.com *.google.co.uk *.google-analytics.com *.doubleclick.net *.facebook.com *.cookiebot.com; font-src 'self' data:; frame-src *.youtube.com 'self' *.cookiebot.com *.youtube-nocookie.com; img-src 'self' data: *.cookiebot.com *.googletagmanager.com;
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: same-origin

Links to (2)

instagram.com×1
youtube.com×1

Linked from (2)

aip-foundation.org×2
fundacionaleatica.org×1