Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.app.shir.ly
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4F:B5:08:EA:AF:AE:BF:86:49:31:F6:C9:73:1E:70:18:26:B9:9E:10:C3:59:18:0A:60:7F:45:04:D2:05:46:63
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
elregisseur.com
ai1travel.com
amarikko.com
www.amnistiegj.fr
anotherline.nl
avocampo.com
om.bandygrytan.se
www.bapindia.in
barbeariadamooca.com
portal.barbeariadamooca.com
bitmyners.com
www.caragu.com.mx
path-finder.chandrasekharsahu.com
classicparrillada.uy
88world.co.kr
lotron.com.tw
www.coudelariajcl.com
gameon-dev.critgames.com
cyberalpiner.com
www.divers.pub
djlabs.com.br
www.dopomoga2022.org
www.drswethaskin.com
dubeto.com
appscamp.ucu.edu.ua
edzag.com
staging-dashboard.eluminatelabs.com
leap.everlearn.ai
www.father.beer
fomoweekly.xyz
dhv-eho-app.frt.vn
funtapx.com
gate-keepr.com
www.geotraining.at
www.haikumb.it
word-quest.halony.tech
fireworkjs.hassanali.tk
dl.hatari.cc
dev.pract.healables.ai
customer.uat.helppoydin.com
www.hi10.me
manager.home-hub.co.za
www.infinitevoltage.com
coin.io.in
app.iomispa.com
kido-freiburg.de
www.kristofff.dev
kupim-prodam.kz-smarje.si
leecon.de
legendspicklefest.com
loganbesecker.com
qrcode.macva.mx
redirect.madebyvasilis.site
calendar.malahatnation.com
firs.manchesterbotanics.org.uk
maximilien-desilets.ca
engagement.mcdonaldsnederland.app
medicalnow.app
app-test.mib-yacht.fr
app.mib-yacht.fr
michaljablonski.dev
naimsedan.com
www.neneboy.com
nothingbutgames.net
www.nurofy.com
hansa.onpointigo.com
paperbackmag.com
www.playlistassistant.com
www.rewards.pocketpoints.com
downloads.point4more.com
putscher-buchleitner.at
www.reisetipp.app
www.repsitalia.com
download-dev.rockpaper.me
play-dev.rockpaper.me
live.sasgroup.net
qa.se-i.app
shelfi.in
www.app.shir.ly
sandbox.checkout.shoptopup.com
business.dev.shuttlers.ng
ednasearch.successacademies.io
www.supermind.cool
switchfood.net
client.thelotusmethod.com
fb.tripy.com.ar
www.tsg-automation.com
uploadistribution.com
vastgoedgereedschap.nl
www.volti.dev
dev.app.watermelon.co
waterstreetedge.com
flow.wehub.fun
dev.wellify.ai
www.wfhsxf.com
whiterivertechnologies.com
g.wul4.es
adminapp.yomeanimo.com
zoharsinger.com
zumaxphotos.com
Other domains in certificate