halodoc.com
halodoc.com
HTML metadata
Technology
- Server
- ESA
- Analytics
-
- Amplitude
- Google Analytics
- Ads
-
- Google Ads
- Google Ads (DoubleClick)
- Fonts
-
- Font Awesome
Third-party hosts loaded (19)
- d2qjkwm11akmwu.cloudfront.net×13
- d8vafvw44neu2.cloudfront.net×7
- d20xmjteofaz2y.cloudfront.net×3
- 9669236.fls.doubleclick.net×2
- cdn.amplitude.com×2
- d1bpj0tv6vfxyp.cloudfront.net×2
- d1e8la4lqf1h28.cloudfront.net×2
- d1ojs48v3n42tp.cloudfront.net×2
- d1vbn70lmn1nqe.cloudfront.net×2
- d324bm9stwnv8c.cloudfront.net×2
- halodoc-sumba.s3-ap-southeast-1.amazonaws.com×2
- js.appboycdn.com×2
- snap.licdn.com×2
- stats.g.doubleclick.net×2
- use.fontawesome.com×2
- www.google-analytics.com×2
- www.googleadservices.com×2
- www.gstatic.com×2
- js-cdn.dynatrace.com×1
Registration
- Registrar
- GoDaddy.com, LLC
- Created
- 2011-10-11
- Expires
- 2028-10-11 874 days left
- Updated
- 2025-10-12
- Name servers
-
- ns-1235.awsdns-26.org
- ns-1922.awsdns-48.co.uk
- ns-330.awsdns-41.com
- ns-942.awsdns-53.net
DNS records live
- NS
-
- ns-1235.awsdns-26.org
- ns-1922.awsdns-48.co.uk
- ns-330.awsdns-41.com
- ns-942.awsdns-53.net
- MX
-
- 10 aspmx.l.google.com
- 20 alt1.aspmx.l.google.com
- 30 alt2.aspmx.l.google.com
- 40 aspmx2.googlemail.com
- 50 aspmx3.googlemail.com
- Verified for
-
Email authentication partial
- SPF
-
v=spf1 mx a:halodoc.com include:_spf.google.com include:sendgrid.net include:spf.mandrillapp.com include:mail.zendesk.com ~allsoftfail (~all) - DMARC
-
v=DMARC1; p=none;policy: none (monitoring only) - DKIM
-
- google:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgg6C/b9furL1Ado13t56aFDLWwLmZiJpTADQHzG6nfCtoid4eWQ1M/rpWOgOXfMxOPQmjG6FwPZImu… - s1:
k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ysoCmlrngVaKqBhLaeO6gN1nRkN57N6unK9nLf2HHwNwXl4dBgmZMqtRj4mGmiAIuDZGBkK8ScCaOL3CE… - s2:
k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMFEdxN+/cXocGg1CdzW1fJqZaUhjobreJijN60vdofG7PgguSSVK74tZAIt0kX1BOcmoT4IHpTclZoQYNKpgMyh…
selectors probed - google:
Certificate (current)
Amazon RSA 2048 M04
Expires in 244 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- referrer-policy
- permissions-policy
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
Header values
- referrer-policy
strict-origin-when-cross-origin- x-frame-options
SAMEORIGIN- permissions-policy
vibrate=(self), sync-xhr=(self https://www.halodoc.com)- x-content-type-options
nosniff- content-security-policy
default-src 'self';style-src 'self' https://use.fontawesome.com https://fonts.googleapis.com https://*.clevertap.com 'unsafe-inline' 'unsafe-eval';script-src 'self' http://localhost:4000 https: 'unsafe-inline' 'unsafe-eval';img-src 'self' https://*.google.co.in https://*.google.co.id https://maps.googleapis.com https://googleapis.com https://s-media-cache-ak0.pinimg.com https://i.pinimg.com https://*.cloudfront.net https://reviews.123rf.com https://wikipedia.org https://api.veritrans.co.id https://res.cloudinary.com https://image.shutterstock.com https://tineye.com https://stats.g.doubleclick.net https://doctor.halodoc.com https://www.google-analytics.com https://www.facebook.com https://halodoc-sumba.s3-ap-southeast-1.amazonaws.com https://halodoc-sumba.s3.ap-southeast-1.amazonaws.com https://robot-id.borzodelivery.com https://logistics-document-service-production-1330305843.cos.ap-jakarta.myqcloud.com https://grabtaxi-grab-express.s3.ap-southeast-1.amazonaws.com https://anteraja-im- strict-transport-security
max-age=31536000; includeSubDomains