Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=sagarrahu.com.np
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
57 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4A:A3:AA:16:D6:3D:F3:CB:8E:28:CE:2F:FE:58:E5:A8:9B:11:57:3F:8A:56:79:E5:9E:80:DF:5E:1E:53:61:29
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
heisbig.com
9animeapk.store
aionrx.com
admin.albumatii.com
www.alerta.plus
reports.almeraim.com
lite-referral.services.amplifique.me
annaibrands.com
www.anthonycosenza.com
arceptive.com
autoradiant.com
awatem.com
spikerecorder.backyardbrains.com
partner.banksakhi.com
app.barretoimovel.com.br
www.be-hookd.com
bilalnawaz.com
www.bokeriastudio.com
bourque.dev
cattokatsu.com
charterblessed.com
www.citsa.cl
citygen.in
ckoapp.com
cleanjpeg.com
momirevivo.co.il
www.oded-reitten.co.il
codeml.ca
sagarrahu.com.np
crgama.com.br
www.darumapagos.com.ar
www.davidbmusic.com
www.dazole.com
www.deluxecaravans.com.au
dineroo.com.au
ca.ebizfile.com
t.eseg.cl
espositosebastiano.com
app.findflames.com
www.fivesix.app
fexlivetransfers.freedom-bpo.com
testadmin.fujisushi.no
www.futureisremote.com
gameralm.at
bubblewoods.games235.com
genuinelyoptimistic.com
glanceirw.com
meadows.godlifeencounterchurch.org
hackathon.am
admin.hauteislands.com
www.hdbdata.com
highlandhomeimprovement.co
honistaapk.site
hotarek-ribel.com
hotdogbushgame.com
beta.ifasouthafrica.org
lsk.indyriot.com
reza.info.bd
www.ingrainedwoodworking.ca
innfactory.cloud
isurumsoysa.com
member.joininteract.com
www.portal.k-9apps.com
katosolutions.lk
www.kuranokuyorum.com
ldnopocno.cz
www.lesrelais-cartegrise.fr
likecomunicacion.com
lucianoferretti.com.mx
www.macht-sprache.de
marro.io
lucky.midolotto.com
gestiona.mintcard.net
www.now.engineering
nwsummit.com
objex.tech
openflux.dev
www.pasulol.com
petwasi.com
plusound.com
my.poursteady.com
qrschmuck.de
www.queuemo.com
admin.re2fe.com
asamblea.redenlinea.net
refun.com
roguebot.software
dev.shootopen.com
www.shtm-tst.site
www.sportzcoin.com
link8.sucodev.net
swingcriminals.com
abstimmungen.tagesanzeiger.ch
thetown-app.com
app.toolabs.com
travelult.com
app.s.undiffer.com
veeball.io
walkies.app
app.yuliannas.com
Other domains in certificate