pamedsoc.org

HTML metadata

Title: Pennsylvania Medical Society | PAMED | Physician Advocacy
Description: PAMED represents Pennsylvania physicians, advancing medical leadership, advocating for quality patient care, and supporting professional growth since 1848.
Language: en
Generator: Sitefinity 15.4.8628.0 DX
Canonical: https://www.pamedsoc.org

Open Graph

url: https://www.pamedsoc.org
title: Pennsylvania Medical Society | PAMED | Physician Advocacy
site name: PAMED - Default
description: PAMED represents Pennsylvania physicians, advancing medical leadership, advocating for quality patient care, and supporting professional growth since 1848.

Technology

Server: Microsoft-IIS

Analytics

Google Tag Manager

Third-party hosts loaded (3)

cdn.jsdelivr.net×2
kit.fontawesome.com×2
www.googletagmanager.com×1

Social

Registration

Registrar

GoDaddy.com, LLC

Created

1995-08-07

Expires

2030-08-06 1540 days left

Updated

2024-06-27

Name servers

ns31.domaincontrol.com
ns32.domaincontrol.com

DNS records live

NS

ns31.domaincontrol.com
ns32.domaincontrol.com

MX

10 d153418a.ess.barracudanetworks.com
20 d153418b.ess.barracudanetworks.com

TXT

Show 7 TXT records

The Pennsylvania Medical Society
fccabb3a18f455f1032d277388a6c7ba
MS=ms79967157
google-site-verification=Fa-oGoT0i084cflS9ij-0wXIeGACu2dUlsT5LcMXFN8
smartsheet-site-validation=eYU4ynS7mPbrjcIdBZu4uE63jzOMW_U2
google-site-verification=yDlcDDpJ4CzdvkY2fZG-8JksUsxUUkYK5BO4uKYGwSc
google-site-verification=YWbFMQNGk_smMw_UHuPGIlMVAaEB-leLwAxJCKnJxL0

Email authentication strong

SPF: v=spf1 mx a:smtp.sendgrid.net ip4:149.72.169.27 ip4:167.89.127.128 ip4:159.183.153.144 ip4:50.207.25.10 include:spf.constantcontact.com include:spf.ess.barracudanetworks.com include:relay1.weblinkinternational.com include:app.aventri.com include:spf.commbrands.com include:spf.protection.outlook.com include:_spf.votervoice.net -all
strict (-all)
DMARC: v=DMARC1; p=quarantine; fo=1; pct=100
policy: quarantine
DKIM: no key found at common selectors

Certificate (current)

Amazon RSA 2048 M01

from 2025-10-12 to 2026-11-11

Expires in 176 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.pamedsoc.org/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-embedder-policy
cross-origin-resource-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self' *.fontawesome.com; script-src 'self' *.googleapis.com *.gstatic.com www.google.com apis.google.com *.google-analytics.com connect.facebook.net ajax.aspnetcdn.com https://www.youtube.com platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://*.googletagmanager.com cdnjs.cloudflare.com *.fontawesome.com *.buzzsprout.com *.resolve.com *.jotform.com *.votervoice.net *.land *.ctctcdn.com *.licdn.com *.propfuel.com *.hotjar.com cdn.jsdelivr.net *.redditstatic.com https://cdn.insight.sitefinity.com https://player.vimeo.com/api/player.js https://www.youtube.com/iframe_api cdn.ampproject.org js.hs-scripts.com js.hs-analytics.net js.hs-banner.com js.hsleadflows.net forms.hubspot.com js.hscollectedforms.net *.eloqua.com *.en25.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com kendo.cdn.telerik.com www.google.com
strict-transport-security: max-age=0; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin

Links to (7)

Linked from (1)

acms.org×2