Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=parakhhospitals.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 02, 2025
Valid Until
March 02, 2026
83 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7A:59:59:ED:D8:F7:D6:5A:2F:52:FC:6B:C3:19:8E:89:92:2C:1C:6F:CD:D1:18:27:5D:38:48:A1:B2:F0:F2:17
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
elpunto-goettingen.de
mobilityware.12traits.com
www.1hour-tech.com
tilde-inventory.22fish.net
www.aathisoft.com
saanpx.aimcomely.com
admin.gamecredits.ampverse.com
www.antonioiorio.eu
artist.artsqft.com
aseriesofrooms.com
atekihcan.com
bandthrift.com
www.beanon.com
www.behappyteam.co.uk
www.blocs.se
boref.breakout.fm
www.bufocode.cl
kwh-ah.at.calculatorhub.app
www.cancelalert.com
catalinagomez.org
chavas.name
client12.citadel.tools
verify.clientdiary.com
cocoonbeauty.be
www.nova.com.ec
www.construwise.com
criacaoparaweb.com.br
www.cristinacases.com
danisacson.com
www.desmondw.com
dexterong.com
dmsounds.nl
content.prober.prod.domainsfordays.net
www.doocogames.com
link.eatpurely.com
raytracer.elmermx.ch
sydney.eventful.photography
www.felbinger.cc
www.ffst.net
fuelpricesuk.co.uk
www.gogpsgo.com
grndfuo.io
growhomestudio.in
grupotranscer.com
guotai.company
devpayments.gymbook.in
haiiro.dev
www.hosam.page
resumensarefortalezaelementiamateriales.inter.mx
app.dev.invoicenxt.com
blog.jocki.me
jsquirks.com
kiwicube.io
elser.ledesmagroupfl.com
leetkid.guru
gonher-performance.lernit.app
lifeisagamedev.nl
admin.lumosign.com
bluebells.macademy.in
maisons-du-phare.com
manyoloswag.xyz
www.mattlatham.net
app.mdescort.net
www.medxperts.mx
myavelto.com
mymanaged.site
www.naseem.education
www.nextus.io
nft-wallpaper.app
parakhhospitals.com
passionateimpact.org
www.peekayelectricworks.com
planercon.de
app.platpro.com
staging.productsignals.com
myresourcesite.propelledbrandsdev.com
www.radiokasoot.com
rafazoldan.com
rakeo.fi
training.revie.llc
robo-crops.com
link.salescaptain.com
skillajourney.com
sosclickmujer.com
srlogi.com
www.statestreetbarbershop.com
tatkebap.com
thaiwhere.org
link.theafricareport.com
thejoshderocher.com
admin.tiecourandaou.com
fiskal.tika-zlatnik.hr
m.tomatostores.com
writer.toolset.one
prioritize.upslope.app
uteakademi.com
vida-workflow-stg.vdms-remote.com
app.vitalxchange.com
wokdsem.com
yomyom.app
Other domains in certificate