Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=coach.alliedwellness.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 12, 2025
Valid Until
February 10, 2026
82 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5B:AF:3D:4E:61:E0:9B:78:DF:45:3D:67:8B:2E:52:8E:C8:E9:02:A1:C5:9C:A4:C5:55:26:A8:A5:A5:7E:FB:65
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
epscot.co.uk
coach.alliedwellness.com
allurelashandskincare.com
apexidsolutions.com
www.araaksoftware.com
test.arakene.com.br
cms.attendmitra.com
www.bbq369.es
ladda.blockfront.se
chores.bobbybricker.com
botted.wtf
www.braceyskyway.com
byteandreason.pl
careerandlifedesign.ai
aider.cgvtelecom.vn
biladebt.co.ke
www.coateschiropractic.com
sularkesikmi.com.tr
conferenciaembajadores.org
csportfoliotool.com
dashbuy.site
dd-construct.com
staging.share.member.digskill.net
ooty.dropmeoneway.com
www.ondernemers.duurzaamwonenbon.nl
trancoso.dysoft.com.br
eduvera.tr
global-simulator-staging.electriphi.dev
elevoragaming.com
tmcs-admin-dashboard.finkraftai.com
www.foxprotege.com.br
www.ghari.in
gi20capital.com
www.gi20capital.com
auth.gridword.app
www.gruporgi.com.br
higgins.dev
dynamic.hket.com
hottieshormones.com
www.hottieshormones.com
click.icode.mn
insightek.in
insurscale.io
www.islandriver.online
login.iztech.dev
joedeeautos.com
latin-link.net
portal.leibelthedev.com
luvyduv.com
mergenetu.ro
blog.moontrace.in
mcarc.moontrace.in
geekbites.move4mobile.io
msmferramentaria.com.br
myfunily.com
naadichat.com
nkdengineering.com
www.nkdengineering.com
nuunipay.com
oneappcenter.com
onixe.net
www.online-image-compressor.com
orderlypuzzle.co.uk
www.pankouts.com
phintel.partners
messaging.pileustech.com
www.promp.com
quencode.io
rajpalrealtors.com
www.raphaelclinics.com
rashidnk.dev
recovu.co
reviewdistiller.com
saltyear.com
www.saskatoontirestorage.ca
www.sellfirst.tech
parents-dev.sentral.com.au
shapesoflatvia.com
ws.sirajulhuda.com
sodoservices.com
spenserlea.com
sportellimatteodev.it
sunvni.com
syfabrik.com
timforrest.dev
tossedover.com
www.tossedover.com
app.truecaller.com
roomy.umm12many.net
kitchen.vearuny.com
wallacerewards.com
waterstartups.com
www.weaversart.in
www.webbyapps.io
v2.alpha.weezer.fr
worzard.app
x-phere.com
xhitsthespot.us
download.yatrirailways.com
verification.zwabi.jp
Other domains in certificate