Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=kolesovgena.ru
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 11, 2026
Valid Until
April 11, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F5:0E:C7:1C:B2:CE:D1:7D:4E:67:8C:CC:31:48:97:66:74:C8:17:CD:87:33:41:7C:D6:D4:AC:3C:B5:69:66:B8
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
mindplus.run
www.a-i.cl
meetings.akpartners.fr
link.anubismultimedia.com
www.arborworks.co
www.arsyofficial.com
arvfinplanner.com.mx
www.automatizapyme.pe
queue.bbftf.org
brecholuanova.com
www.brecholuanova.com
catalogcreator.app
www.chigshvaenterprise.in
www.citycrocs.com
www.clickpay.bo
www.cmglobaltrading.com.ar
vinnojaya.co.id
moriarch.co.il
rice.codeskulptor.org
app.dantri.com.vn
chat-staging.comprendo.dev
dashlix.com
coach.dinatus.com
student.dinatus.com
app.driveflexcar.com
dustoffreset.com
rizoma.ecredito.io
cms.ednalabs.com
analytics.app.educobot.com
ekodubai.com
www.ekodubai.com
epicbox.tech
quote.erabond.io
ethosgames.xyz
www.expressdroptaxi.in
fdmapquiz.com
gamepod.games
web.genchi.app
glam-pro.com
globalhealthcoreinc.com
app.growltv.com
hayahaytravels.com
www.healik.ca
hotshotsbattingcages.com
dischool.imtghana.com
injazco.sa
interm3d.com
booking.invoay.com
www.jactcell-assistec.com.br
chapitre-admin.kards.fr
hotel.kattooz.com
kolesovgena.ru
www.lalineadisanmichele.it
dev.layopay.com
hk-traffic.linkingapp.com
liwyatan.com
planeoapp.mareigua.co
revenge-pop.mikapikazo.info
www.mineclever.com
mlclogistics.be
statusspy.mooo.com
natinet.net
test.symbol-fest-market.nemtus.com
www.newstickerapp.com
www.nikhilnanda.com
www.nouwinegallery.com
one-step.io
dev.p3p.xyz
bestellen.parma-gladbeck.de
firebase.passpass.org
app.pigmentapp.co
auth.pricetillt.com
www.rangschikking.be
simplewallet.razzo.ar
timetravel7.play.realdgame.jp
realmenchoose.life
www.sarawaldispuehl.ch
fiscal.savantpayments.com
sciencecolors.com
thanjavur.selvitravels.in
sharedtechnology.it
medicion.slared.cl
smbcircus.com
snaylo.com
app.strokeai.ir
superiorappliancesrepairsandiego.com
www.superiorappliancesrepairsandiego.com
tendercastle.com
thechartmaster.in
throneofcatan.com
www.timesync.nl
topatudodigital.com.br
vexasystem.com
veyraapp.com
nfts.vistafinance.io
daily-grind-8lv.my.voicezero.site
wecode.io
windwalkersgame.com
wynyardcollective.co.nz
yedra20.es
Other domains in certificate