Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.sdgs-mid.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 12, 2025
Valid Until
January 10, 2026
53 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
53:EE:FF:29:CF:34:9E:07:F1:83:FE:B9:E7:A5:B0:7E:85:77:CC:F2:AD:CC:25:F7:2D:F8:E3:3F:D2:53:7C:E4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
exempla.io
2048.calvinln.com
7ok.in
links-swiftcut.acty.com
dev.myadblock.licensing.adblockplus.dev
aestribra.net
antiprocrastinationlist.fr
member.appji.org
arteyalmaproducciones.com
artofpilgrim.xyz
www.atomservice.co.uk
bethgallagher.com
bloomhillproperties.com
bouncehousedude.com
link-brompit.brompit.net
caex.fr
categoriacanal.com
www.chatmvp.org
chultender.com
jfl-track.roadcast.co.in
somu.co.in
app.curelands.com
www.cypressbayoumedia.com
dsh.fyi
www.e-carre.ch
pdv.e-ceos.com.br
enfo.ai
chronova.escobedev.com
esytaxgroup.com
www.onyx.fastsigns.com
www.jobs4neets.formprof.ro
asap.forsvaret.no
live.foru.fan
foundryits.com
backoffice.dev.frilah.com.br
content.getnuma.com
ghostgame.io
glamboxbrasil.com
hearvet.co.jp
holadoc.app
hollerdate.com
links.hypno.com
lddasiucuti.id.vn
cms.ilmsg.in.th
inmobiliariamunio.com
itsprobablyababy.com
staging.justiceapp.com
reset.kizuna-system.com
www.lennaert.nu
lfabbro.com
liquordaddy.in
app.lobibox.com
lvliverealestate.com
www.mariehamnairport.fi
idp.mercari-shops.com
www.mindfulmission.earth
minveiledning.no
sby.mtnpy.id
www.mypagex.com
namibiareads.com
collision.nissanusa.com
thiruvarur.onewaydroptaxie.com
osparis.fr
host.pebbletheapp.com
chihiro.pedidomovil.es
admin-dev.peppy.health
restaurant.pickaboom.com
www.primelankatravels.com
www.protectorofbalance.de
app.quadri.com.ar
rabool.com
reedit.au
www.saifaldin.ca
www.sdgs-mid.com
app.sentrum7.com
shakai-mondai-navi.com
shenkconsulting.com
app.shisigas.co.za
skiatech.com
www.smartbusinessforce.com
share.qa.soniccloud.com
splusgroup.net
uhmsweeps1.sqwadhq.com
srisudahandcraft.com
www.stockrepublic.se
deeplinks-stg-gaming.swifty.global
www.televisionreligion.com
tellstories.xyz
telth.com
www.testfcplcrm.com
tooljet.io
admin-test.tredplus.com
vararuchiartgallery.com
viggu.me
visa4all.eu
registro.wapchita.com
careflow.wholisticservicesinc.com
www.wproduction.de
link.zeenshopapp.com
help.zerothreat.dev
Other domains in certificate