Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=oxford-fitness.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 28, 2025
Valid Until
January 26, 2026
76 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C9:F5:8C:50:1D:0A:54:CD:F6:09:26:7F:EE:28:84:B9:19:63:68:02:18:EE:9A:DF:C2:D9:CC:64:42:AB:2D:1E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
my-data.upflowy.com
link.allright.com
amitbhawsar.com
admin.anjb.pt
admin.annpmodas.com.br
de.arkhamcards.com
barbosajlm.com
lasso.bombyao.me
borckolay.com
brentwong.me
brokenref.com
www.calculadorafinanceira.com
clay66.dev
devportal.cliqstrategy.com
www.configit.com.au
contribuenti.it
fdl.cross-tables.com
opticam.dataauchan.fr
www.dayzguessr.com
drandresantospvh.com.br
dynamike.se
esoy.enorsecurities.com
expulso.in
flitter.fr
gamebook.ltd
gaston-services.com
gtpninjacart.in
dev.timetracker.h8tch.com
hardikpatel.dev
voice.hirekarigar.in
housekeyrealty.in
intry.io
jointownhall.com
console.jwplayer.com
chat.karlachat.com
kattawar.com
www.kaylamelton.com
www.korkrit.cloud
latticerobot.com
api.moonalgo.com
url.nexborg.com
www.nicklefox.com
noter.dev
lovert.okiyy.com
oxford-fitness.com
palettenest.com
www.peoplehousing.com
www.pigeonfiles.com
applink.staging.possy.jp
radiantrealtor.com
boda-santi-vale.reinosh.cloud
covidportal-staging.relieftelemed.com
app.revenueship.com
www.richardwilkosz.com
www.riverpointrvpark.com
rltradingpost.app
qr.rmk-museum-nft.com
romain-vignolles.fr
www.romanparubochyi.com
rumabe.dev
share.safarway.com
dev.salussms.com
sb-dt.com
watch.dev2.screencastify.com
gymsite.sharshar.dev
shrlinks.com
shrutlekha.com
smggida.com
wedding.sonim1.com
sorbydata.com
stephvaez.com.ar
stockhub.app
www.superawesomelab.com
www.swimmers.pro
www.tattoofinder.es
ra.taylorjdawson.com
taylorsams.design
www.tekspikes.com
ginrummy.games.tetherstudios.com
aw.thangnguyen.dev
tikpage.com
www.toddlucas.org
www.tradeflex.com.au
treasureofambedkar.in
app.truvalyou.com
tubulareselvalle.com
beta.tunescope.org
universalcuisines.com
djangobuilder.urfu.online
urn.io
www.va-vineyards.com
staging.vengames.net
vipau.dev
payroll.websitebuilders.dev
beta1.whomever.dev
company-catering.widynski-roick.de
www.wiseguitar.com
wordsandtea.com
www.workdaylog.com
zeromint.com
Other domains in certificate