Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.domrealtygroup.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 05, 2025
Valid Until
January 03, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
45:ED:3E:F9:FB:97:11:DB:53:7C:12:2D:99:24:57:BD:59:89:D1:71:46:9B:50:63:D0:BC:2D:B1:78:AC:E8:2F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
aresmm.com
dev-env.backstage.aestheticsmap.com
training.affinityhospice.net
sso.littlesis.amplifiedlabs.xyz
radar.anoff.io
clip.aokitech.com.ar
aprolabs.com
www.armasafelocksmiths.co.uk
buy.storybook.bidscape.com
meet.bioss.io
www.blue-dahlia.com
www.brewbeer.ca
www.carlos.lat
my.chosio.io
recipe-book.codingshadows.com
dgfitness.com.hr
uplus.com.pl
app.cryptochefs.io
apps.denict.com
www.domrealtygroup.com
namakkal.eacabs.com
www.manaport.seto-solan.ed.jp
pwa.elitetrainr.com
www.ericastor.info
evantaylor.ca
www.exmera.se
peakboard.app.farsitetechnology.com
felix-moellerherm.de
support.fundwave.com
furry-online.com
2dspine-flame.globalsoft.games
www.green-piezo.com
hbc666.club
measurement.helloomynameis.com
houseofswitch.com
inceptive.life
dev.picking-capacity.ingka.com
www.test.iopsmobile.com
www.janitha.com
share.jimcrowfilibuster.com
keithjr.dev
knowdrugs.app
dc.kvlk.hu
www.kylecoberly.com
larissajohnsonbrown.com
www.lubintalentsolutions.com
content.magic-needle.io
www.matterofmovement.com.au
stg-app.mavue.io
compliance.mckeown.co.nz
support.mekanisk.com
www.merriment.info
www.metanoiahr.com
blog.micheam.com
portal.moxymgt.com
mshp.link
www.mypaldrop.com
www.nora-und-henning.de
www.northcountry.solutions
offside.soccer
onfadd.com
audition.toa.org.hk
my.orton.io
www.oyeleyeoyedayo.com
www.pghsessions.com
www.pimpedia.nl
porfi.dev
posher-pro.com
books.prototypecode.com
www.psginc.jp
www.quidato.dev
randombrewing.co
rivierachalet.ae
www.sarkev.com
verify.dev.savelit.com
savorybao.com
www.saza.hu
schmakeit.org
www.shor.dev
sistemasipe.com
souparnabasak.xyz
spiritfaithministry.com
uchealthjump.sqwadhq.com
www.starfurniture.com.au
links.tailordapp.com
www.takitak.org
www.technititan.com
www.teckrevo.com
ugurkig.com
portal.prerelease.usenash.com
www.vagamist.in
versemedia.io
go.vexatech.net
code-snap.vnoit.com
worlddragracingcircuit.com
wupiter.com
www.417.cz
wyflac.com
www.xprtcoders.com
zachsoliman.com
Other domains in certificate