stroke.org

First seen 2026-04-11 · Last seen 2026-05-18 · ok · HTTP/1.1 200 · 1845 ms · crawled 2026-05-18

US · 104.18.20.19 · AS13335 Cloudflare, Inc.

Reputation 95/100 · weak security headers

HTML metadata

Title
American Stroke Association
Description
The American Stroke Association is a relentless force for a healthier world with fewer strokes.
Language
en
Canonical
https://www.stroke.org/en/

Open Graph

url
https://www.stroke.org/en/
title
American Stroke Association | A Division of the American Heart Association
site name
www.stroke.org
description
The American Stroke Association is a relentless force for a healthier world with fewer strokes.

Technology

CDN
Cloudflare
Analytics
  • Cloudflare Insights
  • Google Tag Manager
Cookie consent
  • OneTrust
Fonts
  • Google Fonts
Third-party hosts loaded (8)
  • static.cloud.coveo.com ×6
  • fonts.googleapis.com ×2
  • static.heart.org ×2
  • cdn.cookielaw.org ×1
  • cdn.jsdelivr.net ×1
  • fonts.gstatic.com ×1
  • static.cloudflareinsights.com ×1
  • www.googletagmanager.com ×1

Registration

Registrar
MarkMonitor Inc.
Created
1995-11-30
Expires
2026-11-29 (193 days left)
Updated
2025-11-02
Name servers
  • ns1.heart.org
  • ns2.heart.org
  • ns3.heart.org

DNS records (live)

NS
  • ns1.heart.org
  • ns2.heart.org
  • ns3.heart.org
MX
  • 10 mxa-004ad404.gslb.pphosted.com
  • 10 mxb-004ad404.gslb.pphosted.com
TXT
  • facebook-domain-verification=bsidhbje8joirqe78b5j8fn59s3oa0
  • MS=ms76128161
  • google-site-verification=oOSxnoL20VOtAb5iriSZ5fSlccy_E8_3AiT-gH1F3Wc
  • rg-prod-sitecore-east-501290-cd.azurewebsites.netrg-prod-sitecore-west-501290-cd.azurewebsites.net

Email authentication (strong)

SPF
v=spf1 include:spf.protection.outlook.com ip4:207.109.138.47 ip4:148.163.159.107 ip4:148.163.159.109 ip4:148.163.157.131 ip4:148.163.157.134 -all
strict (-all)
DMARC
v=DMARC1;p=reject;sp=reject;fo=1;rua=mailto:dmarc_rua@emaildefense.proofpoint.com;ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com
policy: reject (enforced) · sp=reject
DKIM
  • selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCSmRCPDxdc0OBqYNcJFNp65WRsqOloD7zNM2ZGLdj8yW0kK15dvQQzXKfSUp0m3r/eURxGatvXQujgKt4rQT…
  • selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCu+dEQWBE/tpMhYoak6r74ggztgvVtIprDX/XB7SPT2KYm1C3QMHi5j12+5P7jnQt9b6GKby68bVY7nbLnqF…
selectors probed

Certificate (current)

WE1
from 2026-03-29 to 2026-06-27
Expires in 39 days

HTTP security headers

Header hygiene 40/100 · Checked live page: https://www.stroke.org/

present
  • content-security-policy
findings
  • missing HSTS
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
content-security-policy
default-src 'self' https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.googleoptimize.com https://*.cookielaw.org https://*.cloud.coveo.com https://*.googletagmanager.com https://*.fundraiseup.com https://*.google-analytics.com https://*.hotjar.com https://*.facebook.net https://*.quantserve.com https://*.adsrvr.org https://*.vimeocdn.com https://*.pixel.ad https://*.pardot.com https://*.optimizely.com https://*.doubleclick.net https://*.googleadservices.com https://*.sascdn.com https://*.id5-sync.com https://*.licdn.com https://*.ads-twitter.com https://*.googlesyndication.com *; style-src 'self' 'unsafe-inline' *; connect-src 'self' 'unsafe-inline' *; font-src 'self' data: *; img-src 'self' data: *; frame-src 'self' *; media-src 'self' blob: data: *

Links to (16)

Linked from (5)