Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=care-portal.sidekick-sandbox-eu.cluster.sidekickhealth.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 31, 2025
Valid Until
January 29, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
74:1F:6A:CA:22:CF:5C:A9:70:18:8C:4F:44:F1:93:4C:65:4C:EE:DA:CB:DE:32:3A:07:91:46:5B:DF:00:69:18
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.lumident.siteco.com
adrstudio.nl
login.adrstudio.nl
www.adrstudio.nl
m.freja.devel.agriopt.se
www.aoulagreen.com
onderhoud.assetrail.nl
uatpay.atoa.me
www.augmart.store
www.beisance.com
brightonandhovechessclub.org
www.bybroen-bolig.no
cafe770.org
carewithlovecambodia.com
wisag.cateringportal.io
core.ccfnq.com.au
www.abigold.co.id
productcosting.stulzindia.co.in
cohesio.it
www.cohesio.it
plastic-granulat.com.tr
www.yeedee.com.ua
www.comunicacidadao.com.br
beta.dialo.ai
espiritismo.net
www.focusy.me
fourfix.in
freskfoods.com
links.getsmarteye.mobi
godlmine.io
order.griportho.com
courseway.halony.tech
healthcarewithneelam.in
staging.heapster.live
staging.auction.holmasto.fi
hp-mcfee.live
www.hr-check.online
hub.immo
hyfen.ch
hieuad88.id.vn
auth.prod-v2.immo-data.fr
inter-routes.com
ironforgeapps.com
www.ironforgeapps.com
www.jahanzaibramzan.com
www.jspmengineering.com
www.kzzu.net
www.lydiasparrow.com
www.made.land
printers.magicqr.io
maticpcc.support
speckledmen.mauricode.co.uk
app.meefa.jp
www.metaweb.cz
www.michaelewen.com
www.mimicboxstudio.art
mon-chantier.fr
school.moshiurrahman.online
www.mud-quest.com
www.newenglishacademyvv.com
nostalgiamap.com
ojasgupta.in
operatorstechnoleb.in
redbox.owct.me
paragon.sale
app.paso.to
cookies-consent.pria.cz
www.redleafapex.com
registrdluzniku.info
safaksan.dev
www.samuelperales.com
scantific.com
www.shunyatechnologies.com
care-portal.sidekick-sandbox-eu.cluster.sidekickhealth.com
129th.skkudramaclub.kr
solarsales.pro
solidkey.se
isovision.somendrasaini.com
www.stefanolazzari.com
www.tapplapp.me
thetinyplan.com
www.thetinyplan.com
am-studio.timp.io
kinet.timp.io
revolution-place.timp.io
summit-studio.timp.io
www.toursella.com
www.trinityds.com.br
www.vahidashtari.dev
app.engage.chapelstreetchurch.voyagernetz.us
whyamiplayingthis.com
wrdg.de
yana-love.ru
yotaventures.io
www.zenloop.me
zenloop.me
admin.manipulators.zk-digital.ru
www.app.zkmakers.com
www.zoyel.com
zoyel.com
Other domains in certificate