Open
Cached
·
just now
79/100
SECURITY SCORE
Certificate Information
Subject
CN=www.michaelcurtis.info
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 07, 2025
Valid Until
February 05, 2026
79 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
63:4A:14:C6:92:42:08:B8:77:76:46:D8:CB:19:9A:B3:20:1A:D4:2B:85:5D:68:80:9D:7B:C7:72:F1:FE:3B:0C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
payment=(), geolocation=(), microphone=(), camera=()
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
1mark.work
aasra-welfare.org
group.ahavex.com
akshaybadgujar.com
al-adabal-mufrad.online
alexdhughes.com
alumnitter.com
aristacurebiotech.com
www.aristacurebiotech.com
www.arjuninteriors.com
www.arunachalamindustrial.in
member.aumhum.xyz
bareclearact.com
benguelaonmain.com
link-bigapp.bi.group
blockheight.dev
bojler-kindervill.hu
recruiter.brainey.ai
bravespine.com
byteodyssey.net
candy-familypark.com
flex.carlosagosto.com
www.celebstheory.com
www.charitonmutual.com
www.clearservices.ca
clifford.bio
member.zmms.co.zw
colombiatravelevents.com
app.compracircular.com
admin.hidroplus.conny.tech
au.creatoradar.com
customerrelationsjobs.com
www.darwyn.app
e-sake-jp.com
www.ecoceptive.org
www.endervan.com
erroltech.com
auth.life.everbine.com
admin.everestunited-taekwondo.com
fabtexthread.com
www.getunit.fit
grablabs.com
gyslegal.com
cv.haendel.tech
hagertech.dev
devauth.hiosocial.com
hyriddles.com
crocoandsnail.id.vn
chevxeron-release.ischoolconnect.com
ismetozozturk.com
thinkmate.itcodeinfotech.com
izjava.si
kencanatransmandiri.com
auth.kikakeyboard.com
www.knowbaguio.com
kria.io
lightpoledefender.com
staging.dashboard.likestoryeg.com
marco-perin.com
www.megabrilho.com.br
www.michaelcurtis.info
www.mindset.game
www.mithibaicultural.in
class.momocargo.com
rekod.nexkod.com
auth.omara.es
tiruvannamalai.onewaytaxiwala.com
www.owfanleague.com
parkpdr.com
accounts-development.pictoria.world
app.prepify.live
prodeo-xstate.prodeo-live.com
gex.propertyservicesexchange.com
qdp.no
www.restonpeace.org
ro-garden.com
estabelecimentos.rvpedidos.com.br
ryoclouds.com
samg.us
santanu-portal.space
scale-up2025.com
segurauto.com.mx
softtechitsolutions.com
pepsiccarolinascratchadmin.sqwadhq.com
estimator.taxprime.app
consciously.tclc.co
accounts.the42.ie
viala.ai
hypersaline.vidyagiri.com
auth.visper.io
mc2020.volvopenta.com
www.898.com.hk
tv.xembong22.net
tv.xembong66.live
ytddesign.yiqun17.com
zerohourjob.com
zerohourjobs.com
zerohoursjob.com
zerohoursjobs.com
zianemagic.fr
Other domains in certificate