DNS Gurus
Open Cached · just now
91/100 SECURITY SCORE

Certificate Information

Subject
CN=alexechen.me
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 21, 2025
Valid Until
January 19, 2026 58 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4A:76:10:1E:24:BD:3E:4B:10:29:EA:C4:63:1F:61:B7:AE:9E:26:A0:5F:19:C5:60:9E:75:97:78:AC:5C:7D:B8
Alternative Names
100 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Basic
default-src; script-src; style-src; +8 more
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains
studio-dmla.ca

Other domains in certificate

11521935.stratics.io
www.2d2.ai
aioremote.net
healthyway.aiqahealth.com
alexechen.me
www.alexharrison.dev
www.annaagutespel.com
apiatic.com
triada-teams.artymovych.com
asesoriasca.net
auth.vr.1729.com
helpdesk.avada.io
baogianhanh.app
bilo.online
brykesmarthub.org
reloan.bwks.app
canigraduate.com
club-off.chance-store.jp
clairture.com
cleareyetest.io
cn.cryptocat.app
www.devtek.info
donemate.app
droiduron.com
edocoh.com
emchrisengineering.ng
enjoypolly.com
comunicacao.enricomisasi.com.br
evernest.uk
disciple.ezer.digital
garrettl.page
www.genit.jp
www.getonmobile.com
gloventisolution.com
www.gnfincorp.com
equipos.haciendagolf.es
hacklytics.io
www.hamburguesaslafogata.com
kauriora.hemisphere.digital
cn.heynow.ai
app.hiboop.com
app.houseque.com
www.huizepoort.nl
www.integrityautophx.com
cheil.onsite.invue-live.com
ironmike.store
itpmconsult.de
ux.jennifernip.com
www.joelcollyer.com
www.inzetlog.katalysatorduravermeer.nl
verify.keibell.com
leafsnap.app
lifehandle.app
skolpraktiken.logiq.one
lucia.com.co
help.luna-x.com
magpowerpune.com
marceline.me
dev.mdopix.com.br www.mdopix.com.br
mechanicbro.store
meetmehalfway.app
mikecooks.net
mind.page
bodymirror.myelinh.com
onefactura.com
auth.parcarerealis.ro
www.pedefacilsolusys.com.br
penkrowd.com
www.pianofondue.app
picturelink.net
www.playbook.lk
primepitchdisplay.in
www.pythonrobotics.io
q8rn.com
quesjins.app
portal.radiius.ca
retrospective.pro
www.risqueoffer.com
rugkrish.com
suludemo.corp-internal.rxo.com
alpha-app.saladykorea.com
salvesen.app
sarasotafoodtruck.de
proves2.settingconsultoria.cat
pass.snipermonkey.in
srdirect.org
app.switchai.nl
dnd-codex.tdawes.com
toastty.app
tooshii.com
pro.preprod.truckrs.co www.pro.preprod.truckrs.co
admin.tsclao.com
vikrams.app
link.whiz.id
withinreach.in
wall-monitor.wolftech.no
yesmarketing.pt