Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.dev.micralis.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 22, 2025
Valid Until
March 22, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
26:F3:5B:3C:C9:00:0E:05:93:C3:3A:90:3A:88:0B:75:83:A6:7B:50:C6:CF:30:0D:C0:29:58:61:14:62:49:37
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
gardianscale.com
jeromes-sectional.3dcloud.io
abeonahealth.com
www.amedeolanci.com
arjungupta.dev
admin.ayatdesignstudio.com
back2gold.app
dev.cgourmet.balearesgroup.com
www.benthanhrestaurant.fr
dlink3.betiaworld.com
store.binaryinfura.com
blockpost.com
blyzniuk.dev
www.bms-ship.com
admagencia.bondit.app
bonnsalsahub.com
chegando.app
coffeeplus.app
www.bushido.com.cy
cookwedding2022.com
www.cranerental.vn
www.csvanonymizer.app
www.curryavenue.com
d10.dev
dakotavaughan.com
damahecode.com
edu.devecap.com
dirtygoldfish.com
www.distribuidoraviag.com
drejtshkruaj.com
www.dropmoments.com
drywa.dev
raffle.eniigmakeyboards.com
www.es-saudi.com
www.flowmodoro.app
configurator.flyrotax.com
www.futbalowski.com
gabrieldemery.com
gamefinder365.com
gerryweberburlington.com
qa-web.giftameal.app
gigswitch.app
spacerocket.gofloaters.com
hobbyhop.app
hummi.app
status.hydroindustries.dev
www.ignat.dev
joinrps.in
www.jose.dev
www.kaziks.lv
komsubodrum.com
leena.dev
dev.leweihealth.com.au
livingevidenceihd.com
locchuong.dev
lucasgabriel.app
mapsfacility.com
mealspilot.com
memble.app
www.dev.micralis.com
minhanh.app
my.notes-hub.com
contact-us-dev.paxiplatform.com
auth.peaceful-app.link
psypec.fr
rapidrentals.com
realbzpro.com
www.realtimeirl.com
fatalis.redsensei.dev
reviewmylandlord.com
connect-ng-claims.rxoconnectuat.rxo.com
admin.team.selfdoc.jp
sempiternocapital.com
www.servigasodomesticos.com
local.super.shoden.ai
test.shoden.ai
www.simonacozzolino.com
xrqr.spheroid.io
rufus.spotswoodvet.com
supportbiznow.com
tappilyapp.com
tesf.club
call.testive.com
anxiety-tracker.thewordisbird.dev
tidasoft.com
townandcountrysupermarket.com
tumbledmtg.com
underscore.com.mx
cob.vanna.app
link.secure.vaulted.com
vidyutautomation.com
www.vincentcombes.com
vivekfinearts.com
www.voertuigvinder.nl
wevainfotech.com
wildfireaussies.com.ar
xhop.me
www.xiperia.com
www.yappapp.co.uk
zhaoxuanma.com
Other domains in certificate