Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.theimperialmedia.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
44 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B1:44:D6:F6:19:EA:2E:90:06:6D:29:68:A7:49:54:A0:0D:3D:B3:55:AF:29:A7:67:42:30:A3:B6:E5:1C:7E:B2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.burncal.fit
analytics.preprod.2050score.com
dfs-sectional-config-cert.3dcloud.io
aayumedic.com
doctor.albert.health
www.allsinc.com.co
www.analisis.io
angularjozi.org
block-bits.com
boookuno.com
platform.botscrew.com
braincake.co.uk
petmanage.budylon.com
businesstrendsblog.com
staging.dashboard.cityhelden.com
www.click-match.com
clinicapodologiaeleve.com.br
codejerry.com
admin.coinapp.co
computersdream.com
www.convertyourphotos.com
dev.webpay.api.creamly.by
cast-receiver.cure.fit
tykes.devpass.co.uk
dmoverseass.com
app.dreamoms.com
unifg.eccomi.io
ihd.edlin.app
www.elixirlk.com
oauth2.ems24.co
kiosk-preprod.enkept.com
preprod.enkept.com
staff-preprod.enkept.com
www.fameoil.com
flightcontrol.online
employee.gajiku.asia
www.geta-solutions.com
www.giangza.dev
t2.golfpad.events
support.gowit.us
bestellen.grill67.de
hersenwerkpropsy.cz
redirect.ibuprom.pl
inprose.info
auth.play.instruqt.com
join-titi.link
edu.jooba.ai
troxlerslog.katalysatorduravermeer.nl
www.kidskorner.org
my.lmshop.be
docs.ltiaas.com
matheusfernandes.games
cloud.megapixelvr.com
midas.midgrab.mx
app.mulhermagnetica.com.br
opinie.informacion.my.id
nuevosairescountryclub.com
backend.offlinepal.com
www.ohirudayo.com
wayawaya.omnistride.net
www.opuluxe.it
roznama.alahyaa.org.sa
tools.osortoo.com
parkpaper.in
www.dcm.pkf-wms.de
www.polexitpartia.pl
docs.privacyai.com
ifspcmp.bordignon.pro.br
purnama.app
admin.qssc.cc
www.querreveld.nl
app.qvin.com
ultron.radarentacar.com.ar
www.rakan.pro
radio.rejoicetech.org
get-started.renewglow.com
www.ruwaizhaja.com
sasandha.in
auth.staging.senecalearning.com
skhcodebook.com
app.stalkr.film
www.porto.taf.net
theduohealth.com
www.theimperialmedia.com
chatbot-stagex.thelevel.ai
chatbot.thelevel.ai
demoecom-chatbot-stagex.thelevel.ai
demoecom-chatbot.thelevel.ai
thetide.guide
dev.tormap.org
tretiak.dev
tricera.com.br
vrmatkalla.vr.fi
vroom.rocks
word-snap.com
www.wordparkgame.com
app.workinharmony.io
yourbloomingbuds.com
yousai-suzuki.com
nazo2020-dev-q764hk.zerokitsunehal.org
Other domains in certificate