Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=staging.medstaff.care
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 06, 2025
Valid Until
March 06, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7C:E5:07:1B:51:28:4B:93:D1:E4:9C:6B:42:17:0E:51:FF:46:C6:E1:4F:78:96:C6:A6:23:9C:F7:FC:8D:76:55
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
booksby.com
432thailotto-en.pro
www.accmotors.com.au
adabrain.studio
adarkdroplet.com
agroward.cl
www.ahcdevossen.nl
catalog.feather.aioncw.com
aivoicebot.news
alexalves.design
andreerehnberg.com
cosplay.anime.style
edgars.apinis.dev
axel65.com
platform.biox-ai.com
bleanq.com
bmwant.link
breakoutbay.com
byamour.ca
cancio.tech
partner.plating.co.kr
d-wilkinson.co.uk
degen.rodeo
order-en.delicito.at
dlhub.app
www.drrubinasultana.com
www.dryfish.in
www.eclisy.com
epiqueera.com
estudiovampa.com.ar
flatshow.property
www.gamepyong.xyz
www.ganeshmarg.in
geldtagebuch.geldwissen2go.com
geotampas.com.br
business.getpigeon.com
www.globertz.com
cast.honeycome.jp
www.deepclean.horihorii.com
shavenstuff.hypervr.games
partner.ikokos.co.nz
www.instanteostools.com
jorisco.be
www.josephkalayci.com
k9i.app
leaderboard.kjssecodecell.com
medverka.kossanlund.se
lullababysos.com
luther.lunofox.com
lwalls.app
www.magodhomestay.com
www.marcosdourado.com
medprax.in
staging.medstaff.care
link.mguest-app.com
myleave.co.za
ar.winc.ne.jp
nevadait.co
cloudcompare.next2it.co.uk
www.ocelahealth.com
www.oikosbrain.com
olhadobrovolska.com
www.om-origin.com
outkomia.com
links.packageportal.com
appnext.paycloudafrica.com
picaps.org
app.pixaprints.com
projectstargate.live
klinta.prorenata.se
www.replinq.com
reunirly.com
paco.rocola.es
www.roosterra.nl
sahkomanni.fi
dassonville.saurat.io
www.shopman.ma
www.sootsafe.com
spexus.ai
splitus.app
www.sqn.cz
rapid.statsearch.team
test.stefangeorgescu.com
www.stianadnanes.no
studyamigo.co.uk
www.tedsgreenhouses.com.au
thanakorn.dev
appstaging.theboostmate.com
thekitchenbook.fr
habitit.thinkoutside.app
tilerquote.com
www.tuoncexeneize.com
version2.llc
www.viewvie.com
studio.vimeet.app
viprealtorsgta.com
visionsblurredvisionsheard.xyz
workflowmanagerpro.com
xmarket.store
zawango.org
Other domains in certificate