mduinsurance.com

.com crawl

First seen 2026-04-15 · Last seen 2026-05-11 · ok HTTP/1.1 200 1037 ms crawled 2026-05-11

US · 45.60.124.122 · AS19551 Incapsula Inc

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title: MDU Insurance Solutions
Description: MDU Insurance Solutions gives healthcare businesses access to the MDU’s expert guidance, support and defence, and a Lloyd’s of London corporate insurance policy.
Language: en

Open Graph

url: https://www.mduinsurance.com/
title: MDU Insurance Solutions
description: MDU Insurance Solutions gives healthcare businesses access to the MDU’s expert guidance, support and defence, and a Lloyd’s of London corporate insurance policy.

Technology

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Registration

Registrar

eNom, LLC

Created

2024-10-09

Expires

2026-10-09 142 days left

Updated

2024-11-28

Name servers

dns1.uk2.net
dns2.uk2.net
dns3.uk2.net

DNS records live

NS

dns1.uk2.net
dns2.uk2.net
dns3.uk2.net

MX

10 eu-smtp-inbound-1.mimecast.com
10 eu-smtp-inbound-2.mimecast.com

TXT

0ed1fe018a69f612fc8e034b32b80c9a0b7e116c5e
_uiko07shm2ou2tw7g8msqkkufdow6rb

Email authentication weak

SPF: v=spf1 include:spf.stackmail.com a mx -all
strict (-all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

DigiCert EV RSA CA G2

from 2025-10-20 to 2026-10-27

Expires in 160 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.mduinsurance.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=self, ambient-light-sensor=self, autoplay=self, camera=(), encrypted-media=self, fullscreen=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), iframe=self
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; block-all-mixed-content; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' googleads.g.doubleclick.net www.googleadservices.com https://*.vimeo.com *.googletagmanager.com https://tagmanager.google.com https://cdn.shareaholic.net https://partner.shareaholic.com https://cdn.openshareweb.com *.cookiebot.com https://consentcdn.cookiebot.eu https://www.google.com https://www.shareaholic.com https://www.google.com/recaptcha/api.js *.gstatic.com https://www.google-analytics.com/ unpkg.com *.google-analytics.com *.googleapis.com *.licdn.com https://apis.google.com/ https://www.youtube.com https://js.monitor.azure.com; worker-src 'self' blob:; object-src 'none'; font-src 'self' https://use.typekit.net https://fonts.gstatic.com https://cdn.livechatinc.com https://m9m6e2w5.stackpathcdn.com https://cdn.openshareweb.com data:; connect-src 'self' https://region1.analytics.google.com https://region1.google-analytics.com https://stats.g.doubleclick.net http
strict-transport-security: max-age=63072000; includeSubDomains
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: same-site

Linked from (1)

themdu.com×2