Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.mistergreen.es
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
33 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
63:7A:6A:3A:D6:EC:2F:0A:04:65:72:C8:C1:48:6C:D8:10:22:64:93:FD:02:13:B7:82:26:F2:C2:0B:3A:74:FA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
pawn.town
360.qeiicentre.london
app.accordev.com
nps-etn.activate.cz
adamgienapp.com
advisorinterface.albumhealth.com
wiley-mechanisms.alchem.ie
get.staging.alpinemedia.com
www.amioboli.com
amitsal.com
d11.apxor.com
click.artel.app
www.artfulhq.com
www.avio-gyro.com
www.baloo.org
beavercreekmfg.ca
console.bitloops.com
www.blacklub.com
dev.booze-feed.ca
test-carrier.bringly.nl
agrogova.busquenos.com
stag2-admin-app.daikin.com.vn
coopermayne.com
app.corecircle.com
pesquisaesmaltado.corfio.com.br
hcc.cross-switch.app
crosspointrepair.com
www.cungnhauphattrien.net
www.cyberwolf.games
signatures.digital113.fr
app.divshot.com
media.dpd.co.uk
admin.edaun.com
www.edorta.it
www.cbe.edu.sv
st.egg.srl
empoweredu.global
mobile.eqifi.com
eskimosonly.com
fielde.exagensolutions.com
fireabase-auth.fanatiz.com
www.faqtor.co.uk
global.fitpass.app
glur.ch
studio.gotokenny.com
www.gracecleanaz.com
demo.imxcore.com
injungle.xyz
cohezio-de-dev.input4you.be
isaacezequielsalas.com
jeffandcaseyshow.com
www.keabot.fr
www.klangkarten.de
staging.manytouches.com
massena.com.br
www.matthewmishler.com
maulikbhargava.com
www.mistergreen.es
monolithic.art
goplay.montanarep.com
dev.nhakhoaphuocan.vn
nofilterbroadcast.com
www.crm.omrx.in
www.onyv.ch
denkiphoto.shibusawa.or.jp
outerfold.com
passchip.com
www.peomodel.com
government.sns.pirika.app
poddaptitude.com.au
www.pokestats.nu
poojabhaumik.com
dev02-link.propertyloop.co.uk
protonss.com.br
link.qalby.io
rainbowwavepublishing.com.au
retiari.us
www.rinzezwaag.nl
saharadroptaxi.com
www.samuelbruno.com
sitedopolitico.com.br
app.sitetostatic.com
beta.skotch.app
brunamaciel.smartimob.io
pvs.snapmentor.no
omgr.spiio.com
sportsmindai.com
www.suntec.hk
www.tar.is
techtaco.com
faraone.thetislive.com
thilaixe.com
thomascowder.com
tinycommerce.com.au
udu.doctor
brokeradmin.wallit.app
ourportal.wasteconnections.com
winarialand.com
xpug.pet
cbdemo.yapstudios.com
Other domains in certificate