SSL Certificate Analysis for admin.staging.omcare.com - Security Grade & TLS Configuration

Open Cached · just now

93/100 SECURITY SCORE

Certificate Information

Subject

CN=gamefyer.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

December 18, 2025

Valid Until

March 18, 2026 81 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

BA:93:1A:33:67:7D:26:11:D3:09:54:8D:7B:53:5B:CB:2D:F3:40:FF:AE:A6:4C:03:D5:29:2C:CB:CF:41:9E:EB

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; includeSubDomains; preload

Content-Security-Policy

Good

default-src; script-src; style-src; +9 more

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Strengthen CSP by removing 'unsafe-eval'
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

admin.staging.omcare.com

Other domains in certificate

aaz.today

keep.aethersol.com

candidates2019.airpassengerrights.org

alfie.do

amooto.com

appdosa.com

appfalebaby.com.br

ardadagkilic.com

app.areeb.io

edge.atlantauprising.com

atomssa.com

dashboard.axleinspect.com

www.aussie.batchy.app

bazaar-egy.com

admin.boostedbrothers.co.uk

elbokao.bracelit.es oktoberfest.bracelit.es

brentabbott.com

breviarium.digital

www.browngirlbella.com

www.capoerus.com

www.cauverycars.com

chakravarthisoap.com

wa.chatmamba.com

thecodingguy.co.ke

www.corepython.com

play.crosscountryfantasy.com

qa.cultup.com

gnosis.srv.deloitte.ai

apps.denovostudios.com

www.dpollera.com

journals.uem.edu.in

app.edusystem.co.za

www.elias-cecetka.tech

engramforge.com

equaiton.com

www.eventosge.com

freetogrieve.net

gamefyer.com

generationxyz.band www.generationxyz.band

getherdigits.com

growth.cards

www.guapassocialmedia.com.br

test-fin-datahub.habby.com

www.henrikschoenfelder.de

howiegoing.com

www.iamtomfarrell.com

manageclone.ibisacademy.in

hai2416478ce.id.vn

ifyouabide.org

card.ihkk.net

clinic.imthanuja.com

www.interiormotivesla.com

intohyvinvointi.fi

pregtrack.trantanhieu.io.vn

newprod-partnererp.isthara.com

jonsdrinks.com

www.justthefacts.app

ipfs.kevaid.com

www.mabuhaybbqandgrill.co.nz

www.maptitan.com

marshalloffutt.com

leus.medewerkerstatus.eu

interviews.medprimetech.com

msvzug.ch

muhammadnaveedkhan.com

muhassanahcollegeofhealthsciencesandtechnology.com

www.dullora.my.id

nicholasnoll.com

www.nicolasyates.com

auth.nothrottle.com

nsglobal.io

www.olemasport.com

admin.opiekujsie.pl

orba.top

pegasuslb.co.uk

gallary.peshika.com

quansontech.com

quitaboletos.homologacao.quitaboletos.com

rahulmeena.com

seils.com.au

smartsolutionsdeco.com

sparkstory.app

dyod.srilankadiabetesfederation.lk

steadyheady.golf

mobile-demo.stoick.fr

www.agent.swajan.io

bodamorenozeledon.swanmoments.com

bodaalasoliva.swanmoments.lat savethedateantonioydaniela.swanmoments.lat xvjimenaalexandra.swanmoments.lat

tsunaguba.co.jp

val-bd.com

cs440.vdelic.dev

fox.vetracrm.com.br

club.vivesmas.co