Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.miri-graphic.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 23, 2025
Valid Until
January 22, 2026
72 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
53:03:D3:08:F4:1A:6B:17:8F:7F:62:C1:5B:04:36:8B:7A:A8:BE:2C:1D:09:93:DC:F8:56:10:45:53:17:B1:96
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
holdem-simulator.pihat.com
10roads.dk
web.aayaa.in
alphagainz.in
anjodato.nl
www.arsinha.com
athleticspodium.com
avy.ink
beadapp.io
admin.bestbuymall.pk
admin.carboli.com
staging.lernwelt.chapternext.de
www.chimptyphoon.com
login.clubealuno.com.br
sma.cmatik.app
www.cranerental.vn
static.danrcohen.com
dilondon.co.uk
routematrix.dpduk.live
labs.analytics.edvolution.io
englio.com
www.football-card-manager.com
m.gaigai.com
grayparroteducations.com
cse.gw2-strm-sds.com
hammadabbasi.com
humano.tech
icantgotothegymtodaybecauseofclimatechange.com
igormgoncalvs.com
andri-tetiana.invito.link
iplanstuff.com
jairesmith.com
cpfamily.jassy.in
www.jtsnorthwest.com
app.just.insure
beta.karaokebuddies.com
karrbs.com
www.kaziks.lv
kingbox.jp
kintos.mx
kodekaiju.com
lasclases.com
gymbud.levelupatlife.com
www.localmenu.online
locator-tracker.com
www.luisvv.com
web.madamadi.gr
mint.martianpremierleague.com
mattholy.com
dev-wellness.mersive.com
admin.metsights.com
mickdewaart.nl
www.miri-graphic.com
connect.mocklets.com
murcianys.com
n06.dev
noahynoemi.com
nobleledger.com
link.ofoghlu.net
karur.onewaydroptaxi.co
theni.onewaydroptaxi.co
pauline-et-pier.re
pcllogistics.in
app.ph2.io
pnder.net
pombo.dev
dg.rambolps.ca
www.rbenergy.com.br
play.rossdaniel.com
s44.events
sachinreact.com
www.saltyfloral.com
seekersandadvisers.com
admin.team.selfdoc.jp
serpentcomic.com
seryo.com.mx
www.sghindi.com
www.shahulabeeb.com
shopturn.com
icheon.smsb119.com
kontrollor-test.soppkontroll-app.no
sort.dog
spectralfingerprints.com
files.streamposts.pro
svsoftware.in
tadalands.com
pipecube.games.tetherstudios.com
thegta.in
trioyard.com
turkuma.com
ucsdces.com
www.valdejalon.app
dc.vnetwork.dev
link1.vocepede.online
www.voertuigvinder.nl
www.void.fail
applink-culpepper-orders.waiterpro.com
www.yappapp.co.uk
checkout.zissou.com.br
zrubkrahule.sk
Other domains in certificate