medact.org

.org crawl

First seen 2026-04-14 · Last seen 2026-05-19 · ok HTTP/1.1 200 648 ms crawled 2026-05-08

US · 104.26.13.28 · AS13335 Cloudflare, Inc.

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title

Medact - Health workers for health justice

Description

Health workers for health justice

Language

en-GB

Generator

WordPress 6.9.1

Canonical

https://www.medact.org/

Feeds

Medact » Feed RSS
Medact » Comments Feed RSS

Open Graph

url: https://www.medact.org/
title: Medact
locale: en_GB
site name: Medact
description: Health workers for health justice

Technology

CDN: Cloudflare
CMS: WordPress

Analytics

Cloudflare Insights

Third-party hosts loaded (2)

cdnjs.cloudflare.com×1
static.cloudflareinsights.com×1

Registration

Registrar

Cloudflare, Inc.

Created

1998-09-24

Expires

2026-09-23 126 days left

Updated

2025-08-29

Name servers

gwen.ns.cloudflare.com
igor.ns.cloudflare.com

DNS records live

NS

gwen.ns.cloudflare.com
igor.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 aspmx2.googlemail.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 5 TXT records

zone-ownership-verification-42e5796650fa79f61dc7f5079649eb2b9daf6158203a379d164ebd6177d302f7
zone-ownership-verification-959b86e4baef50b3c3d14d331fab7b0cfd30006c4eb300481d21ad1004aba500
facebook-domain-verification=s3m262v81rap1w20ccecb5843dztg6
google-site-verification=1aWykbHcBNbZBJSAuXjQ-SCGn1aDx7Tzi7imkbPaFDo
google-site-verification=nLGHk8ku70N5vt3tgQEYIyQBFCxASW1OT_22kFzM0b0

Email authentication partial

SPF

v=spf1 include:servers.mcsv.net include:_spf.google.com include:spf.protection.outlook.com include:_spf.rsmsecure.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:a6dfa75647614efa84ec7b2be35f657d@dmarc-reports.cloudflare.net,mailto:dmarc@medact.org

policy: none (monitoring only)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRjW7gntYJx6F3DA4/uWqzeATI57vflgf3Q6PmzP6MHl63LSRC2+5pbrUxX/RdrFdwcsNlBTO5ItHu…

selectors probed

Certificate (current)

WE1

from 2026-04-02 to 2026-07-01

Expires in 42 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 40/100 Checked live page: https://www.medact.org/

present

content-security-policy

findings

missing HSTS
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

content-security-policy: frame-ancestors 'self' https://www.medact.org https://peopleshealthhearing.org https://patientsnotpassports.co.uk https://health4gnd.uk; worker-src 'self' blob: https://stat.medact.org https://www.medact.org; img-src 'self' data: https://*; connect-src 'self' https://stat.medact.org https://www.medact.org https://civi.medact.org https://io.medact.org https://cloudflareinsights.com https://pl.medact.org https://maps.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; script-src 'self' 'unsafe-inline' https://www.medact.org https://stat.medact.org https://io.medact.org https://patientsnotpassports.co.uk https://health4gnd.uk https://peopleshealthhearing.org https://static.cloudflareinsights.com https://cdn.syndication.twimg.com https://challenges.cloudflare.com https://cdnjs.cloudflare.com https://ajax.cloudflare.com https://s0.wp.com https://www.mapquestapi.com https://apis.google.com https://maps.googleapis.com 'unsafe-eval' https://pl.medact.org https://civi.medact.