Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=staging.stylexplore.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 19, 2025
Valid Until
December 18, 2025
35 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FF:9F:5D:3F:D2:05:BA:31:6C:41:AB:80:E2:B7:F5:8F:0B:D9:8B:1E:7A:12:31:4A:73:61:3B:03:62:89:0C:90
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
kindleanalytics.com
fitness.aidashboard.tech
weighment.ajdalal.com
bookspace.atelistech.com
atestado.me
dev.atestado.me
aumann.dev
pay.backyardstudios.no
beautybeyondborder.be
app-jogodasestrelas.bepass.com.br
hesapla.biesans.com
chat.blaisethompson.dev
bodanoeliajuanjo.es
chillibox.co.uk
career.quantic.co.in
beta.copycattr.com
cosmic-shores.space
creasana.com
www.cyberhunter.nl
maker.draweb.cloud
play.escthegame.com
landing.ferial-e.com
flapi.io
admin.flymeout.io
www.flysoft-eng.com
www.foodybank.com
api.freetrade.io
auth-prod.freetrade.io
auth-uat.freetrade.io
client-api-preprod.freetrade.io
fundraisingstoreonline.com
gmt4master.com
grti.com
www.hachixp.io
box.heroestd.io
download.heroestd.io
heroestd.io
maintaining.heroestd.io
media.heroestd.io
summon.heroestd.io
welcome.heroestd.io
www.heroestd.io
ihax.org
isayandres.com
www.ivoketelaar.nl
www.jdami.co
www.jhengservices.com
joskan.com
www.kilosaurus.com
rooster-preview.kognitivinc.com
lafabrica.ltd
www.lavipix.com
leestevens.dev
legends-forge.me
leotrackdroptaxi.com
portal.lightxinnovations.com
www.lise.com
site-stage.liveb4buy.com
louisdvart.com
calendar.lucafloesser.me
portfolio.luctatu.fr
icons.m-link.no
melonpop.app
guitar.merencia.com
mitrakahrizirund.com
join.mutualevents.com
clarity.neuralpromo.com
3words.ngl.link
www.onurhitay.com
ta.orchv.com
accor-hotel-demo.order.place
www.pandes.co.uk
adops.perpetua.io
piyiart.site
potatohealth.com
realitystat.com
app.rechargepos.com
robgordtech.com
mamas-rezepte.rohana.de
party.sallyfrancesco.net
sfpopos.com
op.slingshot.finance
guides.snowflake.com
www.sonanttech.in
sordidvibes.com
dev-admin.souschef.io
www.southindiataxi.in
candidate-react-sandbox.staffshift.com
staging.stylexplore.com
sunisup-studios.com
invest.supayut.com
staging.supercmms.com
toddsweather.com
seguimiento.toptainer.cl
florencia.trade-design.com.ar
app.vetrina.com.br
reg.vz-experiences.com
ziptours.fr
checkout.zksync.io
staging-code.zksync.io
Other domains in certificate