Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=careerlego.info
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 09, 2025
Valid Until
March 09, 2026
73 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
38:1A:E7:C5:D2:B9:5F:A4:B8:32:D7:10:3B:D3:94:23:A1:30:CA:E0:DD:8B:B9:FF:63:6C:A5:91:4A:AC:51:6C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
dev-app.squidit.com.br
www.aa.iq
www.amorerooms.bg
www.apollonexus.com
uat.ared.ai
test.atombudget.com
alchrush.beyondreal.games
bitgroovy.com
www.bounous.com
branalyzer.com
bsanju.in
stage.builds360.com
club.cafynet.com
careerlego.info
champagardenrestaurant.com
www.charts-research.com
childrencharitabletrust.org
kibana-circuscode-attribution.circuscode.com
test-fim.gayatrifood.co.in
thinktap.co.in
www.tradesimple.co.in
comunidad365.es
ctdl.sg
app.cybermontenegro.com
cymek.ltd
staging-signin.danomics.com
dev.dartcade.se
www.debrianfigueroa.com
screens-ipad.deploy-cd.com
ditectrev.com
dlazpoker.com
www.dogoon1000.com
auth-t1.elekt.no
clasificados.elsoldetampico.com.mx
testing.eosetf.io
ericseng.com
exec.staging.evertransit.com
www.faisalimran.com
firebirdllc.com
visomariakerke.flockim.com
fourpixelsgames.com
www.gabrielveloz.com
bluebear.geneowebapp.com
guiasfundesa.com.br
heartothere.org
thegreatexplosion.hojunsong.com
ibware.com
indiastaff.in
www.industrialpathsolutions.se
www.insightresearchanalytics.com
www.ion-energy.com
www.iottable.online
isnottv.com
www.jlcebrian.com
jodieemery.info
app.jusmoto.com
dog-api.jvelaz.com
www.kirstenmcafee.com
leguman.ch
www.logitanalytics.ca
maderr.com
www.makepad.fr
makorelabs.com
marthinusstrydom.com
admin-page.meetgo.vn
www.mic-consultores.com
www.mtcusa.co
dev.myinnerwork.com
aeres.neoufitness.com
www.nicotomdevs.com
notnewnaveen.com
paolodipietropizzeria.it
apps.payable.lk
petukji.in
firebase.pilotgapps.com
courls.principle-tools.com
protextapp.com
radio-zdravi.cz
www.redbrookcreations.com
jc-official.reflex-bikers.club
www.sfmtools.com
www.shepherd-international.com
shrtkey.com
realtor.link.simplysignsapp.ca
link.sun.skilleos-api.staging.skilleos.com
invite.skylokr.com
www.spaceisfake.com
ucash.sripay.lk
www.streamline.quest
tajibo.lat
menu.techagentpro.com
app.techfuchs.de
saltandpepper.thediners.in
varmin.co.uk
singular.vende.io
staubli-solutions-medica.virtual-brand.space
www.wizheard.com
it-dojo.world-works.co.jp
parlament.xonesta.mx
zerocoding.in
Other domains in certificate