Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=mergeqa.mitrasheet.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 12, 2025
Valid Until
January 10, 2026
55 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
11:96:3B:AC:C7:ED:78:29:6B:5E:41:6A:89:45:8C:E4:A7:2A:E8:E9:5B:EA:8E:2E:1D:B3:57:D2:F7:7D:0E:AA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
bluejam.io
www.aboets.com
accounting-app.team
www.addtimme.es
adminiate.com
www.adminiate.com
www.aktivoliboerse.de
mfind.aldointegrations.com
auth.amazedyet.com
ampumajuoksu.com
www.animixer.in
www.as-ta.net
seguros.ballesta.com.ar
bigcoolcompany.com
app.blog4school.de
buffalobullscamps.com
www.buffalobullscamps.com
butunselsaglik.com
tym.share.app.c-rayon.com
cleaningapp.cool
landing.yeedee.com.ua
dch.staging.admin.convercus.io
forum.coverings.co
daysi.crconsultorescolombia.com
davidzanger.de
denisoed.com
test.dentalben.com.au
eftbb.app
www.elektrik-soforthilfe.de
app.hmg.enviabybus.com.br
dev.equappment.com
dev-login.fix4.com
www.fondationulb.be
admin.funfastfit.co
painelgeneralsalgado.g2canal.com.br
galvitrak.com
app.garantiaimoveis.com.br
oic.congresoqroo.gob.mx
godspeedgroup.ca
dev.app.lending.halodao.com
hcsplus.org
hearts-game.online
link.heyyou.it
howiebuilds.com
app.insidetracker.com
www.jw-psychiatry.com
new-airtracker.k-9apps.com
www.new-airtracker.k-9apps.com
wwa.kerp.net
keychap.com
k100.kik.co.jp
knockoutleaguevr.com
blog.kossel.io
www.list2go.io
links.lova.care
lujoma.do
map-sl.com
maxkeyner.nl
dev.mdp-fundraising.de
mergeqa.mitrasheet.com
link.moments.co
monika-trans.eu
functions.mpactq.com
admin.onlyanimals.com
www.ordrink.app
ozzylee.com
admon.paneladulcesita.com
parquecapibara.com
www.pidibit.com
rayarizk.com
rfrtours.in
rude-audio.com
sesamebagel.sg
seusmash.com.br
help.soundflow.org
source7.io
alpha.spatialos.co
connect-ui.spira.com.mx
auth.sqool.dev
stephenm.dev
www.sterin.dev
live.streamfabriken.com
www.swarg1995.com
l.themekeyboard.com
admin-staging.theredheadedhostess.com
tableapp.tomparnham.com
castlevania.tonycasale.net
dev.trellistools.com
app.uppingapp.com.mx
ustunyildirim.com
www.ux3d.de
www.valleysoftsol.com
prodtech.voltlines.com
vrijdagscoutsbladel.nl
www.webfaceid.com
westinindiarealty.com
i.x-mobilegame.com
dl.youmeid.com
zeekr.com.co
api.zipeli.com
Other domains in certificate