Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=stg.mirae-album.re2fe.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 16, 2025
Valid Until
February 15, 2026
85 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
96:0A:4A:74:D4:B5:D6:1B:E2:70:FB:5C:DA:FD:2B:5D:DF:D5:19:98:91:3C:7D:67:9B:32:E6:69:19:E8:70:57
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
gamezpark.net
19.lhotatrophy.net
3d-renovation.biz
connect.73h.de
aftermarketfl.com.br
ahmetozsoyproje.com
www.alianzanoramazonica.org
www.alisongonsalves.com
arqtriana.com
astralis.sh
www.atrobotica.com
inspect.autoflip.co.nz
autopro-solutions.com
autorepl.ai
invoices.axsar.com
betsycasino.org
www.beyondsangsang.com
www.bitfluxventures.com
budavet.hu
bumblebindery.com
www.changeforchangecreativesolutions.net
www.citycarmultimarcas.com.br
www.clessytax.com
clinicaespacodoser.com.br
heming.com.tw
cunyhackathon.tech
tvr.curedub.net
www.deep-sale.com
def-cps.com
departementvii.com
designsphere.solutions
app.digiwil.nl
drtastronomy.com
iemsc.uem.edu.in
elettricistacesena.it
indomoney.eui.exchange
expensebot.ch
fabriciacarralon.com.br
app.stg.favo.jp
broadmax.felporgetve.hu
www.floralain.co.za
free-la.net
link.toc.frontrow.systems
gij-tech.com
firebaseapp.heybit.io
hoshi.no
imagecompressor.fun
numero2.indefini.do
jumbofun.xyz
www.khidmat-foundation.com
konwencik.pl
ksampanis.com
spiritualgifts.lancasterbaptist.org
www.leelavathieducationaltrust.com
app.ligor.site
www.m0ttz.uk
marcelloinfante.com.br
cliente.megamodas.com.br
mertensit.be
mestreflecha.com.br
motherduck.io
taybac.nafoods.com
adaltavoce.norangeb.it
www.staging.supertutor.oakslab.dev
www.piraten-pub.de
www.pluslog.com.br
www.posha.co
www.prepariksha.com
app.qipeo.com
radarentacar.com.ar
www.rahimli.net
stg.mirae-album.re2fe.com
rohme.no
app.sedric.ai
speedtext.app
af-lf-showroom-americas.sphure.app
display.spirepos.com
sportsrank.top
ultraman.spwn.jp
www.stoicnotebook.com
studiogreenery.org
scanpetition.studiowaud.com
go.sudoforge.com
app.link.synthohub.com
www.taskeenco.com
www.thaiphoonbistro.com
dev.thecoach.cloud
www.theukrainianfund.com
timefor.co
app.transformateurstchad.africa
app.upliftgroups.com
auth.uprzejmiedonosze.net
prod.vecticum.com
washworking.com
waxngo.be
wholesalesupplier.store
whyadvice.com
www.williamsykes.co.za
app.wisck.com
app.youkno.ai
Other domains in certificate