Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=preview.socialife.ch
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C8:05:D5:F9:95:C6:F7:D1:28:F6:7F:55:FD:B5:AF:4B:A3:CD:00:C0:72:0D:F7:FB:EE:E8:13:19:2F:6D:E3:A8
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
proyectos.gestorgip.app
abindigitalmarketing.com
aemirkalafat.com
aesteon.app
aiava.io
www.aiqadoc.com
alenjojo.com
www.amovoce.com.br
auroramelchor.com
wms.avilonrobotics.com
badatcss.com
bellarj.com
s.beproud.jp
dev.ms.blsm.ca
braveagency.net
ostv-app.bymovi.com
core.cambri.ai
app.campizza.com
crickfeed.cherrysinc.com
screensize.claytonjacobs.dev
cars.ynet.co.il
cryptoscout.app
curio.llc
www.databridgeanalytica.com
ddderma.com
app.doklado.sk
covid.earningsahead.com
outreach.sgu.edu.in
www.ektekniikka.fi
foreverware.app
frequencyillusion.club
glowupelectrical.com
www.goldbee.in
gpqalabs.online
gregbare.net
sds.gs-strm-sds.com
healinghandsmedical.ca
www.howardhonig.com
www.hqbinauralmeditation.com
api.huddln.io
app.impulsofitness.com
bo.ywc17.ywc.in.th
jmus.se
hutfinder.kurzer.de
kwiktech.net
universidadexecon.lernit.com.mx
beac.lfv.jp
admin.linkednet.com.au
luciferianismo.org
marksandnumbers.com
www.masicorpltd.com
matteobrogin.com
sm-v2.mcgrocer.com
staging.admin.mereka.io
midobapps.com
plugins.minecraft-event.net
www.mondobe.com
movehero.com.br
franky.pleasedontshare.my.id
myexpense.io
www.nazildosouza.dev
www.nbktimes.com
meta-channel-integration-doc.newwaycorp.io
stg.admin.norosy.com
omikuji.app
onewaytravels.in
app.ounwan.com
www.pagoschoix.com.mx
pishoto.com
pointprovider.com
deposit.positlaw.com
www.restaurantebilk.com.br
melafood.samnite.it
sauvagenda.fr
housecrush.schultek.de
schweserbook.com
merchant.senangbayar.com
artemis.sherpa-app.eu
shreegaming.com
preview.socialife.ch
ira-financial-group.solerabank.com
tr.speakingathome.com
start88.app
farmlife.stefanhinterhoelzl.at
admin.s1.stx.world
qai.tanara.tv
thrillboxd.com
glpcertificacion.traquisa.net
rpg-tools.underengineered.dev
www.urbankirana.in
www.vetheal.app
www.victorjouin.com
livestream-demo.video.io
seller-foodtruck.wechefthailand.com
welcometorouteline.com
when2call.com
learn.wumbox.com
clock.yungol.com
zarod.net
www.zenappz.com
Other domains in certificate