Open
Cached
·
5h ago
77/100
SECURITY SCORE
Certificate Information
Subject
CN=mediatorbase.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 28, 2025
Valid Until
March 28, 2026
75 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
05:EE:EC:85:24:CA:D5:5F:AE:7C:E2:D3:42:CB:1D:4F:2C:48:07:34:A0:35:9A:3D:A8:05:0D:97:47:53:93:26
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
reap.studio
assets.11yearsafter11.nl
link.4shared.com
docpress.adaptivedev.in
workspace.forms.adaptivedev.in
app.arborlearn.com
wadud.aurify.ae
next-in-show.b-reel.com
baintec.com.br
ballerinas.nl
barrio.systems
block-games.fun
www.bonviewchurch.org
brandbarrio.com
app.breathe-meditation.com
grafik.brzozko.pl
callmed.online
www.cleandirty.bg
cllp.se
www.cmcrackers.in
powlink.ezpmp.co.kr
postular.colsan.cl
www.innovate.com.ph
cloud-staging.corebodytemp.com
internal.cphtrackers.com
crosshotelandresort.com
csubcamps.com
www.csubcamps.com
delis.xyz
clientportal.diamondequity.com
auth.dogonews.com
drinks-up.uk
go.dugoutmugs.com
experimentalfab.com
esbtc.exsat.network
test-f298hf2.fanmio.com
www.flogsm.ro
www.fridaydd.com
gallowaydigital.com
garvithindustan.com
sou.stag.gen-t.science
gmail.ghiveci.com
giverodabuck.com
goatfitness.com
grupobude.es
hannessonadmin.com
staging.www.hemmi-kikaku-shopify-app.com
www.hendryzheng.com
hydrofrolics.com
hypernovadev.space
www.hims.ida-org.com
dpi.ilog.ai
innovaintec.com
kiosk.insyncapp.io
www.jeg.li
agenda.judel.nl
leftbrainrecords.com
losthobbies.com
cantinabomsabor.lupi.delivery
maketheprint.shop
mediatorbase.com
app.merch.ooo
mlpropertyholdings.com
www.mtxelectronics.com
mybridge.center
app.nazara.si
share-dev.pace.fitness
m.parkera.app
auth.precheck.ai
stagingchatengine.proxtera.app
rapidgateway.pk
rethinka.com
www.rgllima.com
sandanski-optic.com
sellingify.com
shoplocal.seva-u.com
www.shoppear.com
xt9huxfvyzri7mwzsos4.smartimob.io
soundinbetweenness.org
app.souschef.io
dashboard.sputanikwealth.com
www.stratento.com
info.sviamiprimonraj.in
swiftcloudtools.com
be.testla.nl
staging.texel-arts.com
www.thetwinsbrewingcompany.com
meals.tleifj.com
www.tokenalerts.app
auth.tutorfinity.com
citroen.valk360.com
if.vmay.com
www.walkie-talkie.io
nexo.wearexenon.com
tz2.wewonder.com.au
testlink.wisdom.audio
via22latam.workspace.training
www.wsr-starfinder.com
app.yenshop.jp
go.yourappstudio.com
Other domains in certificate