SSL Certificate Analysis for dynamed.com - Security Grade & TLS Configuration

Open Cached · just now

86/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 5

Adobe Fonts (Typekit)

AWS Certificate Manager

Google Cloud Storage

Google Fonts

Osano

Certificate Information

Subject

CN=*.decisions.dynamed.com

Issuer

C=US, O=Amazon, CN=Amazon RSA 2048 M01

Valid From

February 01, 2026

Valid Until

March 02, 2027 380 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

6B:BD:F7:C4:A4:3D:F0:33:A5:82:2E:1D:0B:34:22:D7:44:1E:A8:91:8C:3C:CD:E3:10:09:FE:B3:8D:11:10:1D

Alternative Names

16 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15552000; includeSubDomains

Content-Security-Policy

Basic

default-src; script-src; style-src; +12 more

default-src 'none';script-src 'self' 'nonce-45f748e01457590db51f186966224d8c' 'unsafe-eval' https://internal-portal.devqa.ebscohealth.cloud https://internal-portal.live.ebscohealth.cloud https://*.eis-deliverydevqa.cloud https://*.devqa.ebscohealth.cloud https://*.live.ebscohealth.cloud https://*.dynahealth.com https://*.dynamed.com https://*.dynamedex.com https://engagement.devqa.ebsco.zone https://engagement.ebsco.zone https://resources.ebsco.zone https://resources.devqa.ebsco.zone https://*.osano.com https://*.aptrinsic.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.typekit.net https://internal-portal.devqa.ebscohealth.cloud https://internal-portal.live.ebscohealth.cloud https://*.eis-deliverydevqa.cloud https://*.devqa.ebscohealth.cloud https://*.live.ebscohealth.cloud https://*.dynahealth.com https://*.dynamed.com https://*.dynamedex.com https://resources.ebsco.zone https://resources.devqa.ebsco.zone https://engagement.devqa.ebsco.zone https://engagement.ebsco.zone https://*.aptrinsic.com;img-src 'self' data: https://internal-portal.devqa.ebscohealth.cloud https://internal-portal.live.ebscohealth.cloud https://*.eis-deliverydevqa.cloud https://*.devqa.ebscohealth.cloud https://*.live.ebscohealth.cloud https://*.dynahealth.com https://*.dynamed.com https://*.dynamedex.com https://*.ebsco.com https://*.ebsco.zone https://*.ebscohost.com https://*.epnet.com https://p.typekit.net https://*.cloudflare.com https://mobile.micromedexsolutions.com https://cmp.osano.com https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png https://linkmaker.itunes.apple.com/en-us/badge-lrg.svg https://*.aptrinsic.com https://storage.googleapis.com https://api.cloudinary.com;connect-src 'self' https://*.osano.com https://*.amplitude.com https://*.ebsco.com https://internal-portal.devqa.ebscohealth.cloud https://internal-portal.live.ebscohealth.cloud https://*.eis-deliverydevqa.cloud https://*.devqa.ebscohealth.cloud https://*.live.ebscohealth.cloud https://*.dynahealth.com https://*.dynamed.com https://*.dynamedex.com https://dd.devqa.eismedi.com https://www.cloudflare.com https://rum.browser-intake-datadoghq.com https://browser-intake-datadoghq.com https://browser-intake-us3-datadoghq.com https://browser-intake-us5-datadoghq.com https://browser-intake-datadoghq.eu https://browser-intake-ddog-gov.com https://browser-intake-ap1-datadoghq.com https://use.typekit.net https://apis.ebsco.com https://login.ebsco.zone https://logon.ebsco.zone https://findmystacks.ebscomedical.com https://myaccount.ebsco.healthcare https://resources.ebsco.zone https://resources.devqa.ebsco.zone https://engagement.devqa.ebsco.zone https://engagement.ebsco.zone https://*.forahealth.com https://*.aptrinsic.com;font-src 'self' data: https://fonts.gstatic.com https://*.typekit.net https://resources.ebsco.zone https://resources.devqa.ebsco.zone https://engagement.devqa.ebsco.zone https://engagement.ebsco.zone https://*.aptrinsic.com;object-src 'self';media-src 'self' https://internal-portal.devqa.ebscohealth.cloud https://internal-portal.live.ebscohealth.cloud https://*.eis-deliverydevqa.cloud https://*.devqa.ebscohealth.cloud https://*.live.ebscohealth.cloud https://*.dynahealth.com https://*.dynamed.com https://*.dynamedex.com;manifest-src 'self';frame-src *;base-uri 'self';frame-ancestors *;form-action 'self';worker-src blob:;upgrade-insecure-requests

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

16 domains

dynamed.com *.dynamed.com *.decisions.dynamed.com

Other domains in certificate

dynahealth.com *.dynahealth.com

dynamedex.com *.dynamedex.com

*.dh.live.ebscohealth.cloud *.dmp.live.ebscohealth.cloud *.dmx.live.ebscohealth.cloud *.internal.live.ebscohealth.cloud live.ebscohealth.cloud *.live.ebscohealth.cloud

medical.ebscohost.com

myhealthdecisions.com *.myhealthdecisions.com