80/100
SECURITY SCORE
Certificate Information
Subject
CN=cascal.rflex.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 19, 2025
Valid Until
February 17, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
32:A5:CD:C4:0D:6D:E3:DB:96:73:97:55:73:A8:23:DD:A4:7A:9F:71:CF:A7:91:FD:0B:D7:31:93:D2:3D:C6:AA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-SZ_1mCElhoRhCRiC8KzXBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- Add Strict-Transport-Security header with max-age of at least 1 year
- Improve CSP by adding more specific directives and removing 'unsafe-inline'
- Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- Add X-Content-Type-Options: nosniff
- Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
Other domains in certificate