Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=dox.stephenfrancis.online
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 29, 2025
Valid Until
January 27, 2026
62 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
60:AD:DA:61:63:4C:BA:4D:F7:ED:A7:03:B7:CF:E8:DF:59:86:DD:A1:49:29:EC:A2:18:C4:8F:D6:57:EB:C2:18
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
microbiomeadvanced-report.yourgutmap.co.uk
www.52sierra.com
airplaneaholic.aayushbhutani.com
abduppas.shop
www.accenor.com
portal.agoramenu.com.br
www.alastaircox.com
albumdefigurinhas.com.br
alexwick.com
gallery.ambivo.com
anyleftovers.com
www.aquafacts.com
sivaganga.aravindtravels.in
b360cloud.com
bearbearandbunny.com
bigsoftstudios.com
grupomlia.bracelit.es
breeder.bringspothome.com
businessrescue.co.za
app-18.dev.carto.com
www.cassianaperesluize.com
click-match.com
climatescienceteaching.org
portal.kfhcapital.com.kw
codeplay.com.my
e.gisbirhastanesi.com.tr
comfyaccounting.com
julkalendern-test.consid.nu
pilot.signin.credotech.app
www.cybersecurity-sb.net
apps.dicidio.com
dherald-docs-staging.dogonews.com
www.hnpwa.drakkein.me
etbl2k.ca
www.evernest.hamburg
enroll.fairfinancial.org
tech.fan.ai
flouka.ca
agentsystem.gamewalletuat.com
internal.getlobee.com
griffin.ginalne.com
retur.glassolutions.dk
i.gr.chat
www.guysake-data.com
habmob.com
auth.development.inkit.com
iqwebbot.com
dl.ivoox.com
admin.jointriage.biz
justinherring.me
katieboothdev.com
promo.katsubet.com
kolbyrogers.com
www.ktksmyanmar.com
app.lecfl.com
lolcus.net
app.mezo.io
mllcm.com
montygosdn.com
www.mytruebank.com
kapp.neman.hr
firebase.net-performance.online
matrix3d.oblicx.com
oliviachen.art
skatos.p-e.kr
www.placatek.com.ar
plusonesolution.com.au
join.proapp.design
qms.qps.io
qubit-dna.us
www.ralf-mack.de
www.receipts.zip
www.recreationclassroom.com
rectfy.com
rezurv.ai
rileybrownprojects.com
scavvie.com
utme.scholarly.africa
www.scivle.com
quilmes.scouthub.app
sinanbolel.dev
dox.stephenfrancis.online
pilot.strass-app.com
www.studiosecchi.com.br
lutnik.szczecin.pl
terrahome51.ru
budgie.testflight.xyz
themzaid.com
impactozero.thethree.com.mx
www.tricitystem.com
webar.tripod-digital.co.nz
turbocreditlimited.site
www.twinstation.xyz
digitalrakyat.versionlabs.co
stage.juice.watermelon.co
sports.weavercrazytown.com
whomv.se
wordmaze.click
yumm.video
www.zehenglin.com
Other domains in certificate