Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=notify.equihealth.be
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 21, 2025
Valid Until
January 19, 2026
60 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BB:8C:7D:A4:72:FF:AD:15:F8:3F:AF:1C:C6:CB:1C:1C:EF:7E:1C:67:F9:54:7F:C3:A8:2D:DE:13:AF:FA:CF:E6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-hwFIAYu0oI-E_fNTJPKz0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
usap.deeplinks.bfansports.com
www.shopping.adamino.dk
connect.copagril.agr.br
teochewmerchantspenang-portal.hermes.aimgt.info
airsoftmarket.es
alleeco.com
apelgrim.com
fujiyahotel.staging.console.appabrik.jp
aramuna.org
artgraph.kr
dbus.aspevo.com
dnb.atomslearning.com
ayrtonapps.com
snake.babaaman.com
benashton.dev
connect.beyondboundaries.app
billowpeople.com
bloemekets.be
track-uat.bouncelogistics.com
www.calculadoradefisica.online
stephanie.choriatis.com
citeinsight.com
www.citizenfinder.info
classasker.com
oxeye.co.in
lnk.test.dodocart.co.kr
rubinawale.com.np
cometelapp.com
www.bills.contrall.ro
function.control-j.com
coin.dystree.com
ecrime-gcnp.com
stage.edzag.com
effico.co
notify.equihealth.be
www.esmenava.com
explorearabiaonline.com
fatih.digital
corporate.stage.first-iraqi-bank.co
www.flys.com.br
demo.freshimmo.fr
gangudupalli.in
www.getvfeed.com
www.hisabkitab.in
www.horizondrift.com
hotplateapp.com
ihengravidei.com.br
shivsirmaths.indiandevelopers.org
mm.it-p.de
www.jaisakthipapers.com
wordle.jpcreekmore.com
moyolvera.kenailabs.com
auth.kinetictechnique.com
www.kmcleanandshine.com
app.ktovisitkorea.com
kugigitnih.xyz
larunfla.com
www.loancalc.eu
nachhilfe.lsv-ooe.at
app.luwx.dev
massagelk.com
laboratory.offsite.medisureonline.com
memoriesofmaya.com
mikerosellini.com
moroccancrypto.com
n-m4.in
refraction.ncc.la
cdn.neman.hr
noiseboyz.com
npmresearch.com
www.oneclickinterviews.com
othercooked.com
pos.demo.payo.com.au
www.petelepage.com
pixelshard.com
stage.auth.relish.com
invest.republic.co
links.reworld.io
cdn1.riwsoft.com
samabox.com
schubert-schwall.com
assinatura.selffi.com.br
shusteripartnery.com
office.sovoro.kr
jurisprudentiewijzer.staging.stl.dev
www.taaran.in
theoceanleads.ai
triibo-api-gateway-hml.triibo.com.br
www.uivsolutions.cz
urbantz.io
vegre.no
video-of-the-day.de
vilton.tech
walocha.me
www.walocha.me
flutter.wonkytech.net
www.xpinpoint.com
yala.cloud
zarges.cloud
www.zionmjh.com
Other domains in certificate