haima.cz
haima.cz
HTML metadata
Technology
- Server
- ATS
- CMS
- WordPress
- jQuery
- 3.2.1 known XSS (<3.5)
- Fonts
-
- Google Fonts
Third-party hosts loaded (2)
- cdnjs.cloudflare.com×2
- fonts.googleapis.com×2
Social
Contact
- Phone
- Address
- HAIMA CZ, z.s.Klinika dětské hematologie a onkologie FNMotolV Úvalu 84Praha 5 - MotolPSČ 150 06
DNS records live
- NS
-
- ns.wedos.com
- ns.wedos.cz
- ns.wedos.eu
- ns.wedos.net
- MX
-
- 1 wes1-mx1.wedos.net
- 1 wes1-mx2.wedos.net
- 10 wes1-mx-backup.wedos.net
- Verified for
-
- Microsoft 365
Email authentication weak
- SPF
-
v=spf1 mx a include:_spf.we.wedos.net -allstrict (-all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
R13
Expires in 32 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-content-type-options
- referrer-policy
- findings
-
- short HSTS max-age
- CSP allows unsafe inline scripts/styles
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
strict-origin-when-cross-origin, no-referrer-when-downgrade- x-content-type-options
nosniff- content-security-policy
default-src 'self' sentry.litea.cz https://www.youtube.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com https://www.youtube.com/ https://s.ytimg.com/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: 1.gravatar.com https://i.ytimg.com/; font-src 'self' fonts.gstatic.com data:; frame-ancestors 'self' https://www.youtube.com/;- strict-transport-security
max-age=2592000