Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=aurum-au.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 14, 2026
Valid Until
April 14, 2026
80 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
28:83:9E:45:2E:A9:B7:CB:0C:D9:B3:BE:B9:85:48:AD:79:77:4F:22:AD:53:AA:3F:99:1F:65:79:F6:CC:F2:4C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
comodoca.com
digicert.com
; cansignhttpexchanges=yes
globalsign.com
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
sectigo.com
ssl.com
Wildcard CAs
ssl.com
comodoca.com
digicert.com
; cansignhttpexchanges=yes
globalsign.com
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
sectigo.com
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 7 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
mahaveerranches.com
5nnetworks.space
701fitness.ro
a2zall.xyz
ai.abcmyanmar.com
demo.anevent.co.za
careers-ace.astrosmic.dev
aurum-au.com
balihorecadistributor.com
proposta.bussolaone.com
id.caynensukien.com
ceciliayelmer.com
career.quantic.co.in
brainway.co.kr
quizdraw.cashslide.co.kr
www.halalbrothers.co.kr
congruent.io
www.devdubois.com.br
radioapp.digitalomnia.com
hrhub.ec3.tech
rangrezkolkata.uem.edu.in
emmanuelodoemelam.com
intake.enginuityns.com
cg-web-eg.enterground.com
www.evesdrops.in
www.gamegou.com
garagetr.com
gelatoh.co.za
glamily.com
www.glamily.com
check.halagr.com
cambio.hanneskoksch.de
horizona.com
www.horizona.com
mminhlequang.id.vn
instagramdn.com
interplay-app-dev.interplay.io
involved.finance
ithuzi.co.za
www.ithuzi.co.za
ithuzi.com
www.ithuzi.com
fergg.karrer.net
story.kumunua.kr
auth-bd.kzlogin.com
auth-br.kzlogin.com
auth-co.kzlogin.com
auth-eg.kzlogin.com
auth-mx.kzlogin.com
auth-pe.kzlogin.com
auth-pk.kzlogin.com
lunachess.com
auth.mabis.site
manitasdeartista.com
app.mapzen.app
www.matriculaimplacavel.com.br
app.medyl.com
storyboard.microgeeks.co.uk
murmurvt.com
mutti.xyz
kasir.kamikazenow.my.id
www.mygentlepartner.com
nooreldien.com
www.nooreldien.com
www.pablo-marte.com
pdfstudio.tech
www.quadrasgobeach.com.br
quantumitai.com
www.rambongmuaythaigym.com
raojatin.shop
renagouves.gr
app.repezy.com
www.rj-japan.com
runway1331-cftp.com
safeco.tech
sanbusae.com
sanographix.net
setkpi.com
www.shopshielder.com
web.shuruthisdental.com
sidebar.spotdraft.com
sumaimo.jp
eftalltask.tack-lab.com
tack-lab.com
www.techhive.lk
tirioh.wtf
www.logistics.tudotechnologies.com
www.vehiclues.com
www.fund.vfi.eco
www.videocraft.io
www.open.vietsono.com
www.villajaidee.com
dartdoom.wearemobilefirst.com
app.wellbeingpassport.com.au
storylab.wonderlab.dev
wxmracing.com
www.yc8gg5.com
www.yudong.rest
yudong.rest
yurmont.com
Other domains in certificate