Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=mx.demo.hamidasghari.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 04, 2026
55 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A4:8F:6E:B0:6F:45:DA:8A:6A:7E:3D:A9:8E:E2:13:89:EC:AD:BC:3A:D8:06:B1:CC:58:E8:F1:D2:15:8D:A7:23
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
golf-sale.se
add.vc
qa2.connect.adswerve.com
admobbrowser.africasunrise.com
afterdoc.net
admin.aidara.app
alderon.com.au
cao-ggz.appdashboard.nl
artsolarenergia.com.br
blogs.ashutec.com
athulrk.com
boulder.school
staging.brickwise.at
brightmedia.cl
viva-pizza.busquenos.com
calvinwong.me
www.cardguru.io
www.cassette.band
tampodruk.com.ua
admin.croptic.ai
cummingstorageunits.com
gym.dijiti.com
clinic-hq.shelf.doctorbook-cs.jp
www.eeecccooo.de
safiraenergia.enercred.com.br
www.fakturpajak.com
client.freestand.in
www.frisoles.com
auth.staging.goodygood.co
grafk.design
grasshopperdesign.in
mx.demo.hamidasghari.com
hossegor-properties.com
nguyentrungson20225225.id.vn
kioskbistro.infinitifood.com.br
timesheet.influence-it.com
jees.com.br
jempass.jemedia.org
junges-theater-oberrieden.ch
app.kartojn.com
kinderlabs.kr
kingfisherkayaking.com
kkgarrett.com
tools.knwar.com
hoshizora.ktw.jp
facebookdevelopercircles.lapieza.io
www.latifilaat.com
ham.lelimit.no
preview.leximancer.com
pay.livewebtutors.com
cn.marsquartz.net
cn.marsterrazzo.com
marylane.com
lucas.massena.com.br
mattgalloway.com
www.minneke.de
mobilegamingstars.com
www.mobileoffize.com
monsteroftheweek.space
curupon.musekinin.net
www.newgenml.com
newriverninjas.com
www.newsprovenanceproject.com
checkout.nftconcerts.com
www.onepercentcashback.com
relatorios.opengera.com
www.orange-u-glad.com
codi.pensioenduidelijk.com
piugames.com.br
schools.portodesignbiennale.pt
wellbeing-survey.positivehealingtherapy.com
o2exam.rajdeep-das.com
roastedbethlehem.com
robert-costello.com
rokinapp.com
dapp.saladhr.com
www.sanpetekidscare.com
www.sensoryve.com
pvctarps.seobai.com
old.shopy-iq.net
www.sikatechnologies.com
www.sorayaintercinefilms.com
konnect.sorocabarefrescos.com.br
sportfolioreport.com
sssaquadevelopers.com
www.strange.garden
ins.demo1.stx.world
cloud.tapefear.com
telemensagem.app
the-bellemontnyc.com
tokono.com
trackrapidly.com
www.traficowebcam.com
console.simulads.ultraimpression.jp
auth.usedukia.ng
baufinanzierung.vb-rb.de
countdownapp.vladimirgutierrez.dev
whatcouldgowrong.ai
facilitybank.xptoconsig.com.br
studybuddy.zla.app
Other domains in certificate