Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=stg.gohouse.ai
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 14, 2025
Valid Until
January 12, 2026
55 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
15:09:71:00:75:F5:CD:E4:18:53:FC:43:4F:FD:5E:0B:A4:3C:99:FA:EF:4D:A1:7D:92:A5:97:44:8D:59:15:E1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
andrewpiterov.pro
adeo-webgl-test.3dcloud.io
akshardhambalak.in
alexgoodh.art
all4gest.com
dev.link.andelenergi.dk
app.arrival.city
devadm.basil.menu
botterman.dev
braintecheducators.com
app.brewday.co
bunnyklawz.com
online-collection.chance-store.jp
www.choumeri.gr
api.citycompass.net
whitebalance.co.in
webpack.dostesting.co.ke
salady.apps.flyground.co.kr
www.bs-automation.co.kr
jacksonian.column.us
display.v3.contentfabric.io
qrcode.cuisinewise.com
daniajarwe.com
davidhaven.dev
lms.deoapp.com
designtableetc.com
detox-manana.com
hq.docvita.com
www.dylankoevort.com
kajaaniperehdytys.edukamu.fi
portal.ellipsishealth.net
eminsinani.com
subtechlifeline.falkor.io
submit-metrics-excel-addin.fundwave.app
image4.getcreativesoftware.dev
api2.getintheloop.ca
link.app.getpowerlink.com
book.gogreencabs.com
stg.gohouse.ai
gosi.app
app.greenline90.com
bookmarks.guyguzman.com
hotelwire.net
wrapped.hotwax.io
www.i-mps.com
ictkathurusingha.com
infisolutions.us
testing.app.instryde.com
iranzamin.de
www.ird-engineering.com
jshearon.com
www.jurdiconsult.media
kakurail.com
www.kolarikova.cz
ladystartup.com
contabilizar.leandropitta.com.br
webhook.likepay.dev
manifesto.longterm.app
lysergyc.com
vragen.maklr.nl
www.mattitude.com
www.mccontractorsllc.co
meevi.dev
mesopotamia.ai
moogenda.com
pic-lslux.mentor.neccton.com
newsong.store
tamil-sirukathaigal.nibunan.in
nirdeshika.me
nortrix.com
nubikids.cl
omvedahome.ch
patrickb.dev
order-at-table.centerbar.paymytable.com
www.pitesgefseon.gr
pixie-embassy.xyz
bestellen.pizzeria-pizzaland-gladbeck.de
poinglabs.com
app.quarters-llc.com
hello.railboard.com
www.ratakondalaarun.dev
ajw.rxcx.au
sdocstore.com
web.servicescape.io
shaffiullah.in
www.sharpgenes.com
www.shavenstuff.com
simplfinances.com
stakeresearch.com
www.swasthomeo.com
clientadmin.symterra.co.uk
ah-thankyou.synctalk.us
tmovetransport.com
ovenandspicesemenu.triggersplus.com
www.valentechiropractic.com
app.venapp.com
www.withdart.com
www.you-me-contemporary.com
dashutsu.zacherl.dev
zeta.zyffy.com
Other domains in certificate