medicalprotection.org

.org crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 5198 ms crawled 2026-05-19

US · 104.16.4.14 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title

Medical Protection

Description

Medical Protection Society Website

Language

Canonical

https://www.medicalprotection.org

Translations

en ×9

Technology

CDN: Cloudflare
CMS: Ghost

Third-party hosts loaded (1)

mpscdnuks.azureedge.net×2

Registration

Registrar

SafeNames Ltd.

Created

2002-11-12

Expires

2026-11-12 175 days left

Updated

2024-12-27

Name servers

ns3-04.azure-dns.org
ns1-04.azure-dns.com
ns2-04.azure-dns.net
ns4-04.azure-dns.info

DNS records live

NS

ns1-04.azure-dns.com
ns2-04.azure-dns.net
ns3-04.azure-dns.org
ns4-04.azure-dns.info

MX

10 cluster1.eu.messagelabs.com

TXT

hpe-greenlake-domain-verification=30643968493134703041444e7567676768476777536d7665797a6b6b68705969
vmware-cloud-verification-f0f1fa59-c1bc-416d-a969-a8dc7ff22a4d
AD46C7BC70D52E910F0366836FB8217A4D632C06A68A4FB55AC5D322B7C2F139

Verified for

Atlassian
DocuSign
Figma
Miro
Smartsheet

Email authentication partial

SPF

v=spf1 include:spf.messagelabs.com include:_spf-uk.echoworx.com include:spf-include.medicalprotection.org include:sendgrid.net include:_spf.qualtrics.com include:cmspf.teamnetwork.net.nz include:amazonses.com -all exp=spf-failure.medicalprotection.org

strict (-all)

DMARC

v=DMARC1; p=none; pct=100; rua=mailto:admin@medicalprotection.org; sp=none; aspf=r;

policy: none (monitoring only) · sp=none

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yvAc/Gq1B2qbiPkH+OHNDJh1LsscMAQN4OCDcajD3mYc3Nwighs81/qAJci+M4qpQdMr7Fq55W6BMHIF0…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qE5hDgy/FzW+BT8Xf5mqNjoqxviCI6Wcv4uPFQPXYUTo4gxYnb/KAlZLGKLFiyBKGwdq5/1Rr0EP6gn3I…

selectors probed

Certificate (current)

WE1

from 2026-04-04 to 2026-07-03

Expires in 44 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.medicalprotection.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://mpscdnuks.azureedge.net; script-src 'self' *.googleapis.com *.gstatic.com www.google.com apis.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js 'unsafe-inline' 'unsafe-eval' https://cdn-ukwest.onetrust.com/ *.qualtrics.com https://cdn.insight.sitefinity.com https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org web-chat.nativechat.com unpkg.com/@frontify/ *.cloudinary.com www.googletagmanager.com mpscdnuks.azureedge.net widget.spreaker.com www.googleadservices.com *.doubleclick.net www.instagram.com www.vimeo.com vimeo.com code.jquery.com snap.licdn.com mail2.mps.org.uk https://secure.garm9yuma.com kendo.cdn.telerik.com https://ajax.microsoft.com http://aspnet-s
strict-transport-security: max-age=31536000; preload