SSL Certificate Analysis for input.stg.sumai-entry.app - Security Grade & TLS Configuration

Open Cached · just now

91/100 SECURITY SCORE

Certificate Information

Subject

CN=alphafr-cw.confido.health

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

November 01, 2025

Valid Until

January 30, 2026 63 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

53:18:80:6D:53:DD:27:E0:17:34:7A:B5:FD:3F:BD:3C:D1:71:16:FF:73:65:FF:53:80:82:0D:FD:B8:6A:E8:B5

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Good

default-src; script-src; style-src; +1 more

X-Frame-Options

Excellent

deny

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

no-referrer-when-downgrade

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Strengthen CSP by removing 'unsafe-eval'
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

input.stg.sumai-entry.app

Other domains in certificate

a-combinator.com

aicobuild.net

airfly.buzz www.airfly.buzz

sky.alphaxds.com

ankarada.net

aosoftware.at

www.arund.in

www.ayurdrkaur.com

www.bearbytelabs.com

rodezaveyronfootball.deeplinks.bfansports.com

txss.bursteinlab.org

www.bypkle.com

qa-v3.cavs.app

chesteritsolutions.com

www.cinqtortues.com

clubinone.ch

coinflow.money

alphafr-cw.confido.health

auth.costshare.at

cpas.ai

www.dartsters.com

deviatedelight.events

dulcediricacrochet.com

emircihangir.com

empotechlabs.com

estudiogonzalezfabrizio.com

ezclo.net

libra.finculus.eu

finpic.com

florish.app

www.franklynstephensonacademy.ca

greenmenus.earth

quiz.groupone.pl

icaroassis.dev

devnote.iggkenya.com

nerural.ilymgroup.com

intesoft.net

justamiracle.net

www.kalegod.com

karin-wilhelmer-physio.at

soroban.kidsup.net

krediitium.ee

www.ladana.com

leapa.app

admin.lessontime.co.uk

goulz-fe.lines.ly

teach.lingoberry.co

www.linkasia.id

www.livability.org

www.lyle.fyi

www.markslawnservices.com

melissaefederico.it

www.merasamaj.app

f.mikaelf.com

app.mixxclub.com

open.mywindo.shop

knowledge.nilay.jp

nlalarm.app

forms.nuuphealth.com

offerstreet.in

pat-meta.com

tag.paymii.io

phipeeps.com

physicsguide.io

picknote.co

www.potomacdining.com

www.primatasmkt.com

redroot.games

www.romt.one

a.rpass.co

rubensmits.com

www.sandhikala.com.ar

www.scrolldex.dev

securethebag.app

skutnik.page

smartvs.net

suzukiplan.com

switzer.rocks

beta-v0.tecore-client-cdn.timeedit.io

applinks-acc.tintelgift.nl

mcts.tixora.com

tkrishna.in

scripts.tsg.tordenapps.com

clocktower.trumankautzman.com

trvia.co

pay.uc-bcf.dev

beta.uiclap.com

eu.backoffice.uveye.app

www.vsmac.com

windrushbadmintonclub.co.uk

wrosswhite.ca

www.xcofin.com xcofin.com

www.xcolonstech.com xcolonstech.com

xroad.app

youkan.io

b2b.zenelo.net

Free Cloud Credits

Get free credits to test cloud platforms