Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=emrstudio.clinics.apollohl.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
55 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CA:7A:F8:70:D7:A1:C0:E1:01:DC:1D:D3:1E:55:7E:81:63:0E:8C:36:79:24:F6:DC:97:D8:BD:3F:BC:0A:F1:AC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
dryduckgames.com
aaron-gee.ca
game-calendar.cloud.alxios.com
anchor-watcher.com
anywish.me
emrstudio.clinics.apollohl.com
artifexremodeling.com
astralbilling.com
www.brimhq.com
brokerjulie.com
www.cartaofacilita.com.br
cdc-jp.com
changshengrealty.com
circleofdevs.com
cloudmall-uk.com
www.communicationsskillstraining.ie
chat.coralgardeners.org
www.deeperks.com
dissonantdruid.com
www.drvassii.hu
v1.studio.edgevideo.com
myiwik.iwik.edu.vn
www.eteq.co.jp
evchargerassist.com
consumers.ewhallet.com
faststartjobs.com
link.fate-go.jp
firinglineltd.com
www.fleetaid.net
a0if.foodle.su
gdk4.foodle.su
painelguaraci.g2canal.com.br
www.hovnokod.cz
hyperiontxn.com
www.iambluewonk.com
www.icesportvarese.it
portfolio.thgilnus.id.vn
mhyk-river-crossing.idee-novel.com
indianspringskatahdins.com
picking-capacity.ingka.com
joesephmmamel.com
www.joesephmmamel.com
city-3d.karla.ai
www.kartochka.pro
kingara.com
preview.kontentino.link
www.kopigao.com
www.loveasp.net
mahahomestay.in
malayalamquest.com
markseangarcia.com
aretaeio.mayamd.ai
merlin.cool
minymal.app
app.monsoonanalytics.io
nohelpcoming.xyz
www.nonogramsonline.com
colegio-medico.noovo.cl
demo.ogwmnm.me
app.one-group.se
www.operative.com.br
orizabal.ca
www.ouiborne.fr
buttonlinks.ozbot.si
parallelplannen.nu
pbjapps.com
suporterh.performait.com
piaallerslev.dk
piri.net
kood.praktikal.ee
prof-ug.com
roundtable.qlu.ai
atlas.rezidnet.com
robotjurist.nl
rulial.life
m.salla.ps
schunk-remotesupport.com
www.shrijanregmi.com
care-portal.diga-meno-test-eu.cluster.sidekickhealth.com
app.smoothy.co
www.soledxb-vendorportal.com
splingoapps.com
statsearch.team
www.studioippocrates.it
vania-demo.talentlytica.com
thuyyung.tattyhouse.com
tb-manager.teachingboost.fr
tensorbox.ai
bonzai.thediners.in
timeslottter.tech
paustor-studio.timp.io
demo.app.trune.io
vienhues.com
kanchipuram.vishnutaxi.com
www.vuemastery.com
www.wayz.app
www.whichsandwich.com
www.yada.us
www.yewaleamruttulya.com
app.zenhouse.com.br
Other domains in certificate