Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=staging-portal.memoapp.ph
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 26, 2025
Valid Until
December 25, 2025
32 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
53:75:03:49:D0:0D:06:0B:55:AC:26:F7:38:12:9C:0D:DB:08:17:EF:C9:24:AD:CF:8D:98:AD:74:F4:57:CC:BD
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
anger-management.blessingbox-ai.com
dev.feasibility.clearaccess.28east.co.za
actdemo2.anyware.software
www.backpackfordrive.dev
bankelys.com
basis.mobi
benjiepark.com
boundingboxcreative.com
bravonest.lk
www.brewzcoffee.in
britannia-apartments.com
businesssorter.com
www.calvinwalzel.nl
campfirereads.com
carrington.dev
go.cf.studio
ledger.coloredpuppy.com
confederacie.com
www.dark-nucleus.org
www.descentralize.com.br
www.devfagnerlima.com
app.acc.eatch.me
dev.evme.io
www.exgcrew.com
extremeoptimization.com
fabcabvtc51.com
famapassport.in
futuro.forja-tech.com
www.furtado.me
gavon.fi
gitbrand.com
www.globaltracker.com.ar
app.goqonda.io
sproutjoy.greybluash.com
www.hararidawah.org
calmap.heychao.com
dev.hipaamate.com
www.idealer.ca
www.idesporte.com.br
space.ilmsg.in.th
pokemons.jaalorsa.com
jarp.one
www.jastrzebskipawel.com
www.justkidspreschool.org
www.listen.no
makinggreetingsai.in
www.makoficinas.com
manthanlearning.com
alpha.martintoddbuilding.co.uk
attestation.matthieumontaille.fr
dealspacedev.melle.io
staging-portal.memoapp.ph
gestor.meupetshop.online
www.mikob.xyz
maas.mobiry.jp
www.monsterroom.app
movmember.motherofvictory.org
www.my-e-health.com
www.naveenmalhotra.ca
growwhale.nonip.net
www.okayrecharge.in
osamailyas.co.uk
osgpro.sy
pirune.com
bestellen.pizzeriaitalia4.de
www.platechasr.com
admin.playbook.vc
www.pluggedfireworks.com
www.progressiveengineering.co.uk
pylife.eu
rabondigtl.com
rahulservices.co.uk
ratanapron.com
au2.resbutler.com
www.rovtouch.com
rush.sk
his.sandrasoft.app
www.sarmaru.com
medicos-dev.saude-brasil.com
betaseasons.scoreholio.com
sgharem.org
sheepionaibot.com
www.smilestheatre.com
sunnygraphy.com
tannertx.com
api.thatwas.pro
thedaysofraj.uk
www.thewealthy.app
alpha.transect.com
danhgia.tranthanhlong1979.com
trinitytechnology.com.br
ttvipsg.com
dev.tunrmusic.com
web.vibra.one
www.vitaqr.es
ebs.voltbikes.co.uk
vrikshaainteriors.com
x-syst.com
tule.yushakobo.info
zuhri.uz
Other domains in certificate