Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=stage.campusexperienceapp.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 06, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
64:4F:A9:3C:51:E6:DB:41:55:C0:BC:4D:6E:EC:78:29:98:2F:4F:28:82:2F:B4:6E:9E:7D:93:16:35:6E:4D:9B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
join-dev.luep.app
8888888888.de
www.adi-choir.com
homeshare.afanasev.net
www.appplanets.com
avo.is
care.development.awellhealth.com
www.bazandgo.com
bespokesystems.net
shop.bhaptics.com
bijyo-tokei.com
www.bluebowfashion.com
blueskypay.in
www.brsrolloff.com
stage.campusexperienceapp.com
clientes.castellmar.com
reset.charlotteproducts.com
staging.cinematcher.com
antreclive.claritycreation.com
www.colmena.pe
hutchnews.column.us
daydreamt.org
deathfromabovewargaming.com
deckdojo.app
dekarbonizaceceska.cz
www.denikhormones.com
dietkadai.com
dimesto.com
driftbee.com
www.duermevela.shop
edgehustle.com
fagbrev.io
auth.fantasykombat.com
fdata.finance
exp-qa-ideacloud.forgedx.com
fundatejar.com
ganzorig-li.com
clubsocial.gaubey.com
gcilbackend.com
goated-app.com
game.gregleaver.com
passagens.guerreroconstrutora.com
staging.hemisphere.digital
herizon.ee
highschoolmatstats.com
www.hiloshilazas.com
www.hypergolic.xyz
kpl-advisors-release.ischoolconnect.com
jacobcutshall.com
jalgaonpharma.com
jmcartem.com
jolk.app
journeyofahealer.com
jppcode.com
www.juliaandpatrick.us
juniormujica.com
jurcevichealth.com
kartindo.com.br
kaza-electric.com
cowin.kwiqsol.com
launchpadux.com
lutgerttitle.com
www.lutgerttitle.com
mackmyers.com
www.mapdigitalservices.com
marke.digital
go.marycielo.mx
memories.dev
www.modulussell.com
mononz.com
myworkbox.link
insights.nexhub.app
accounts.noticeable.io
odipappa.com
app.okds.com.br
link-qa.opark.com.au
www.paolodipietropizzeria.it
pentacam.app
www.praxilock.com
pubgames.io
qiheon.com
tamuka.bookings.ratality.com
stg.btob.re2fe.com
restaurantefutu.es
retrotrivia.games
www.rmt.com.br
www.robotplaytime.com
lipsync.rvaxa.com
shggift.com
atlas.shubhranil.com
www.starcakes.net
www.techmythree.in
www.ticketsparaestacionamientos.com
online.trapmaster.co.nz
www.udejm.com
valenzuelarectificaciones.com
www.valiaindustrialpark.com
via22.workspace.training
www.worlddomination.group
zengado.com
Other domains in certificate