Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=web.trellish.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 22, 2025
Valid Until
February 20, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4B:A5:2C:81:C2:B4:F2:DC:DA:10:D0:BA:F3:55:CB:B6:D2:B2:19:87:C6:1B:CF:75:6A:38:42:37:8D:A3:06:72
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
admin.dhaakadcinema.com
28go.jp
www.42degrees.co.uk
acaciastories.com
dev.appfrog.net
demo-integrations.appmixer.com
asuntovalas.fi
www.authenticatorplus.com
balin.app
preview.bloky.dev
delivery.cadlox.com
dev.casval.trade
barismengi.com.tr
computingteacher.org
app.cria.page
cruscia.com
l.ctsh.io
www.curtisfriesen.ca
dancingbearmartialarts.com
dataleaper.com
ddarogyopetcenter.in
deekshithkulal.me
logistics.delori.io
dierenartsendebrug.be
directbasing.nl
dnewberry.com
dougliu.com
www.dssdglobal.org
showcase.ducducnyc.com
e-filetransfer.com
boostv.easysignage.app
elmejorenvio.com.ar
billbook.enkept.com
www.eugen-reimer.de
exploriatravel.com
stg.f2bportfolio.com
festadopai.com
fiestadelpadre.com
finshots.app
gaumenrutscher.de
gaute.dev
www.goal-list.com
grasshopper.games
group.events
www.haasconsver.com.mx
hagen-schupp.me
passkeeper.hexoss.it
items.hirehammer.sg
back-ms.inter.mx
subscribe.investably.io
iqbarber.com
jerrysel.in
app.joinombi.com
go-dev.justfarm.app
kalakarguild.in
mohamed.khamis.work
www.klare.com
link.linckr.com
hikool-admin.m1studio.co
mailzone-app.md-test.mailzone.app
architext.masonzee.com
www.mawagra.se
awash2.meander.media
www.mertl-luxury.com
and.morethanone.love
test.mydanceportal.com
archery.nirvanaoutdoors.com
l.onefin.in
onevotelikeyours.com
www.pipelify.ai
www.pravinyoy.com
link.progressioncv.com
www.projectsthestones.gr
www.rboh.codes
reilukuljetus.fi
portal.rendoo.co.uk
rustixmanor.com
sasandha.net
demo.schniide.com
app2.seggac.com
staging.admin.shopinn.tw
veenaadvertising.showitbig.com
sproutworks.ca
scoreboard.svetlin.net
bodacruzibanez.swanmoments.net
tdc.tallyfor.com
tc-schoenbach.de
www.the-escalated-publisher.at
www.thesimplebiology.de
ludo.tigerstudios.com
tina-ng.com
tncollege.online
storybook.togetherplatform.com
web.trellish.com
api.uiclap.com
vizarch360.com
event.wellcome.biz
dashboard.yoka.cd
zinmk.com
gym.zomans.com
Other domains in certificate