Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=blh.sh
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 01, 2026
Valid Until
April 01, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
07:55:E3:89:56:00:E5:33:8D:08:BF:71:5F:A4:CC:E3:D7:3C:F5:A3:C1:BF:50:8F:AA:91:15:C6:4D:3D:3B:BA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Wildcard CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 6 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
ndceilinghangers.com
2brostint.com
www.abmdist.com
app.ahlanzoom.com
www.andersonfamilyvineyard.com
www.apexsgi.com
app-v2.appsonair.com
links.apptopay.com
wil.art.br
autoxcollective.com
parents.preschool.bee-happy.club
blh.sh
breigny.com
client.link.bukest.com
caandl.org
checklist.cargacerta.com.br
clusterbeep.org
universal.boots.co.th
costareal.com.gt
comingclock.com
www.cortinasrollertech.com
cuteprint.in
www.d3rivr.dev
dentbabil.com
ruminations.diogomonteiro.pt
dramarlenesotogeriatra.com
earthtimelines.com
energy-alix.fr
www.espilabs.com
www.fhstundenplan.de
fluent-stories.com
gyanita.com
www.harmonisezvous.fr
hvaq.in
ibrahimjara.com
www.icodeup.com
app.illmaticservices.com
freedom.impactwrap.com
admin.inmozuniga.com
l.intellimali.co.za
www.israeli.deals
jaisonpharmaceuticals.com
dns.jguiza.com
www.jsite.dev
la-maison-d-annie.fr
labeledgreen.com
demo.leadlabz.co
www.learnallcenter.com
mta-sts.linjacobs.dev
www.lovepy.app
link.mabonnefee.com
mariwaki.com
marvencetechnologies.com
www.memberkard.com
merchari.bike
www.micesmart.events
lp.mintice.net
satitvru.misschool.net
monad0.com
negabutchery.com
nosilento.com
www.nosilento.com
nvin.in
services-mht.ny-go.org
onemewebservices.com
orcarising.com
dev.parry.dev
peakbit.net
fourinarow.popoko.live
primeoutcome.ai
dev.qjmp.io
receipt.reveriecottage.com
ridloncmr.com
rmpt.dev
sabzeefresh.com
staging.beta.seenka.com
pefi.simonschneider.org
sourcesweep.com
web.sportadventure.app
sugarspikediaries.app
talkcar.fr
static-staging.tanto.app
www.tarunaru.com
team2020.org
tecblic.com
hotels.titanurban.com
clarity.tqi.ai
commander.triangula.com
trustedgetaxandconsulting.com
truthseeking.one
ubt-epstesting.com
varsityclassactionsettlement.com
velique.ca
verifico.co
vidaimoveis.com.br
www.xgames.games
support.xikrit.com
xservere.com
yourbrightsteps.com
zennetaler.be
Other domains in certificate