cliniko.com

HTML metadata

Title: Allied Health Practice Management Software - Cliniko
Description: Practice management software designed for allied health practices. Cliniko is secure, easy to use, and used by over 65, 000 health professionals.
Language: en
Generator: Gatsby 4.25.9
Canonical: https://www.cliniko.com/

Open Graph

url: https://www.cliniko.com/

Technology

CDN: Netlify
CMS: Gatsby

Analytics

Google Tag Manager

Third-party hosts loaded (2)

cdn.sanity.io×1
www.googletagmanager.com×1

Social

Contact

Email

info@cliniko.com

Registration

Registrar

GoDaddy.com, LLC

Created

2011-02-10

Expires

2027-02-10 266 days left

Updated

2026-02-12

Name servers

ns-1324.awsdns-37.org
ns-1975.awsdns-54.co.uk
ns-64.awsdns-08.com
ns-661.awsdns-18.net

DNS records live

NS

ns-1324.awsdns-37.org
ns-1975.awsdns-54.co.uk
ns-64.awsdns-08.com
ns-661.awsdns-18.net

MX

Show 7 MX records

10 aspmx.l.google.com
20 alt1.aspmx.l.google.com
20 alt2.aspmx.l.google.com
30 aspmx2.googlemail.com
30 aspmx3.googlemail.com
30 aspmx4.googlemail.com
30 aspmx5.googlemail.com

TXT

Show 6 TXT records

202405281623135g98sihlfx4ofck96yij15y40kof0yvqkyhodff0w84n8ht0f0
202409091456342garkbepvnig3pf2e0js5m8a8b69gh1gpxxjsn99i1b69ouvs3
_globalsign-domain-verification=uCpcs9dHJZ7eQrFmOgULisPsYuIkc6i6pZq_KsxERG
facebook-domain-verification=p72a2mcnjfux74egw59yqzp9aatnbw
status-page-domain-verification=yfsp1ntmbmzy
t9pywgfv3dlpj43w8dv8hmllwrd52bym

Email authentication strong

SPF

v=spf1 include:spf0.cliniko.com -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:postmaster@cliniko.com

policy: reject (enforced)

DKIM

google: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsu+nPnHhm/N6DQuSiTyDVuKIOXYoP8bLmjyNXq6PLkzcEyxvWLFcRUMNZbuaZ55JVOi6Fr1keupPg/7qs51…
k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

Amazon RSA 2048 M04

from 2025-11-17 to 2026-12-16

Expires in 210 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.cliniko.com/

present

strict-transport-security
content-security-policy
content-security-policy-report-only
x-content-type-options
referrer-policy

findings

missing frame protection
missing Permissions Policy

Header values

referrer-policy: same-origin
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none';
strict-transport-security: max-age=31536000
content-security-policy-report-only: base-uri 'self'; child-src https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net; connect-src 'self' https://*.cliniko.com https://stats.g.doubleclick.net https://www.google-analytics.com https://api.honeybadger.io https://*.intercom.io wss://*.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com; default-src 'self'; font-src 'self' data: https://*.cloudfront.net https://js.intercomcdn.com; form-action 'self' https://intercom.help https://api-iam.intercom.io; frame-ancestors 'none'; img-src 'self' data: https:; manifest-src 'self'; media-src https://js.intercomcdn.com; script-src 'self' 'report-sample' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://www.google.com/recaptcha/api.js https://www.gstatic.com; style-src 's