Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.staffwriter.co
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 24, 2025
Valid Until
February 22, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7B:0E:83:DC:96:63:A8:55:D5:E1:47:DA:16:FA:53:7C:BA:7B:52:94:B8:25:37:E5:1C:FF:CB:E3:7E:91:9E:5C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
dev.afirmis.com
staging.host.10seat.com
portal.cmis.ac.in
alamininfortech.com
www.albaseguros.mx
alpenglow.systems
ammarweb.org
ministeri.anccp.it
andersonmontana.com
andresmonnier.com
appfaa.com
app.aw-anotherworks.com
babitapack.com
reservation.biei-carshare.com
www.bitautor.de
dl.bk.com.co
bondr.no
chaloreview.com
www.chaloreview.com
child-participation.kr
ciskodisco.com
cleardayapp.com
cloudcog.hr
www.cysero.org
poc-laravel.daobui.nl
datavalue.ar
staging.desertmermaidaquatics.com
test-display.deskintelligence.com
www.digi-shark.de
djin.co.uk
drgoof.com
eddiedemo.com
monitoring.egraft.fr
gatorsnft.io
generationbuilder.net
www.getotech.in
www.globetrotters.ai
gongter.com
goodbye1040.com
www.gr8rsmsmanager.com
demo.hnhconsulting.ca
www.hongmoe.com
humancapitalcredit.org
hypnosismic-2nd-drb-vrbattle.com
www.indiic.com
trailman.janakj.org
www.jockegustin.se
jugglevision.ai
propoze.larva.cloud
innovar.lextartecnologia.com.br
merchant-dev.luna.vip
www.malkaesther.com
mammografiprogrammet-konferanse.no
mariusproton.fr
auth.matecito.co
www.mcgeary.dev
barts.partners.medics.academy
joc-plantes.mercatherbes.cat
michaeluniversity.org
portal.midiagnostico.cl
app.minichess.club
cms.mobileappster.co.uk
h-farm.monacofoundry.com
motorider.online
app.myfastpcba.com
test.mytasks.netresult.app
dashboard.dev.mlt.nextgatetech.com
okodetech.com
app.omedo.co
www.oppositeday.co
bksgdev.order.place
www.originaldog.in
dashboard.pbj.live
phrases.world
polycam.ai
www.progidro.ru
staging-test-tenant.qburst.in
www.quantumfy.co
www.rabbitson87.dev
try.reach-digital.co
app.reclip.pro
hq.reconise.com
admin.recora.mx
app.schwendimann.ch
questions.dev2.screencastify.com
simracingseries.simrace-control.ch
app.staffwriter.co
auth.staging-homehub.site
cdn.study-habits-dh.com
ansatt.systemhus.no
www.thirusiasacademy.com
analyze.tienphan.work
tiger.voyage
pilates-girona.timp.io
tinkerersagar.com
gcp.torque360.co
utkueray.com
www.xin-squared.com
sheep.zapdev.net
www.zenreki.systems
Other domains in certificate