Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=megadrive.ru.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 19, 2026
Valid Until
April 19, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5F:73:BB:65:1F:62:86:43:BA:F2:BC:F9:38:BE:86:BB:28:59:59:EB:6E:5D:1F:4A:9A:41:BF:8D:35:51:62:47
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-Y2PWiiC3D3N1fXrFPFAzUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
hs.suppy.app
www.achernya.com
www.agilesoftware.es
agoodsocialmedia.com
www.ahmdaeyz.dev
annapetruzza.com
oz.nudges.apxor.com
arcoirislabs.com
www.arcondrilling.com
onboarding.artel.app
www.atabichi.com
www.barcodeims.com
barweiler-nord.de
www.bensjones.me
biggestkohlifan.com
www.bottomlesstech.com
www.buffalosurgicalwiki.com
www.chirpsweet.com
chrbati-group.com
dev-violet.c-point.co.il
kiosk-client-test2.cleanbox.co.il
www.anymos.co.kr
admin.qaschool.com.ua
app.contentstatus.com
learn.creative-formation.fr
cryptokaraoke.app
csmbksctvenice.site
www.cv-dz.com
deintattoo.ch
reweigh-i.dev-ltl-xpo.com
dhwani.app
diningfairy.com
dressupkevin.com
drivoslog.com
ftxap.easysignage.app
elitec.ec
service-test.en-logi.com
a0jl.foodle.su
foonapp.com
fridgetoforkapp.com
www.golfhandicapp.com
www.helvetica.world
www.hexreviews.co.uk
oranghilang.hindia1024.com
www.hogarinn.com
husocial.huseyinsula.com
it2102.id.vn
innovativa.co.uk
jakeandcatherine.com
joaolincho.com
juancarlos.eu
mta-sts.kamp-consultancy.it
ateez-dev-9a287.kaura.world
applinks.kins.com
www.account.kiter.app
test.kovomik.cz
www.kuizzi.app
vote.kunle.io
ig.logicpuzzle.app
coop.makeany.app
memba.app
mottette.jp
viktor.myphotopal.shop
myrnd.in
niduu.com.br
share.ohchr.org
blog.okaryo.io
customer.onlinepartner.se
live-chat-auth.orlo.app
app.pacelist.co.uk
pachaasteels.com
app.pank.org
tjx.parkalot.io
www.petcarenanny.com
promo.picprint.app
www.pneu.md
prashanthkotianphotography.com
www.psdhub.org
psychotherapie-eisenach.de
app.rebase.gg
wordle.reillybrothers.net
app.rooferintel.com
megadrive.ru.com
my.test.runmyservice.com
www.runneviction.com
dev.scouthub.app
www.showtimes-by-keith.com
pensioenbij.spservices.nl
studioestlumiere.com
thedevlab.in
www.tomprice.dev
calaca.turnosweb.app
circo.turnosweb.app
vaibhavchandolia.info
vietnd.art
meme.vmog.net
voiceforge.app
www.wheredidiputmystuff.app
www.zipurl.io
paylink.zonbayar.com
Other domains in certificate