Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.merlinsalamanca.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 27, 2025
Valid Until
March 27, 2026
74 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A2:5C:31:B6:06:E3:49:33:B1:3A:E1:6B:D4:0E:0E:52:4D:72:0A:20:DB:68:73:DD:88:53:06:9D:57:29:51:0F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
criogenio.com
www.101cre8ives.ca
robern-test.3dcloud.io
www.andrewcloudart.com
dev.ands.app
analytics.aquafacts.com
avokode.ai
bahcodepos.com
baobeidtrading.com
baruque.app
kamdhenu.bhoomida.org
blissfulbites.ph
www.brucewaynes.com
gcp-us-east1-17.dev.app.carto.com
www.celebratenationalholidays.com
www.cherisewilson.com
link.kidfind.co.kr
link.stg.comipo.app
cdmedia-various.contentcard.com
layer.dexkit.com
resident.diffe.rent
dinotronica.com
googlefaq.dmzapps.com
drinkhappy.app
easytechsupport.ca
dev.dashboard.eatie.in
edmik.in
ednevnik.kostavujic.ios.edu.rs
55bakerst.equiem.mobi
flutternl.nl
gamenightninja.com
glime.app
granthsampada.com
www.gridvote.app
www.habitdaily.app
handyapp.jp
www.holsa.in
hometen.kr
hudsonpryde.dev
huskysoft.com.ar
iresto.id
www.itqan.app
wo.ivoy.app
jiwar.co
social.juwelis.community
www.krishnavibe.com
larijani-lab.ca
leadertrip.de
learn2burn.co.uk
lendi.app
lucident.app
farmlands.beta.m2x.app
malahatnationcds.org
www.menchasbeer.com
www.merlinsalamanca.com
www.mibrujula.co
musaffar.me
www.my-datacard.com
app.myhubble.ca
okinalabs.com
testaasa.openwallet.finance
demo.optagestion.cl
link.panatech.io
paulclaytonsmith.design
pn2.app
pocketone.xyz
links.profit.com
ragingrobot.app
www.rajasekharan.com
remarket.agency
icabs-test.rentokil-initial.com
reocloud-staging.reoriginal.com
book.ridepulse.com
sanatorioaltagracia.com.ar
sasuscollection.com
searockinn.in
www.shannoneng.com
snappack.ai
www.socmedaccelerator.com
spawn.me
squiiids.com
sreesanjayganeshcrackers.com
t7even.net
isosort.tapotap.com
tasskaty.com
links-staging.teeitup.com
www.thanaphon.dev
shop.thegoodstuff.my
www.thirdray.ai
thought.center
treeved.com
unicreativeunit.com
upendocares.com
vmarksolutions.com
vcard-assets.we4u.pw
get.well.ch
wieloslowie.pl
bloodutd.wiip.co
www.youvision.dev
rc2-mockup.zerothreat.dev
Other domains in certificate