Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=shaima.exthgen.ai
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 04, 2026
Valid Until
April 04, 2026
81 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
49:08:EC:A0:17:29:91:9C:B0:E5:FD:AD:75:3A:B7:59:C3:AE:C7:DE:12:8C:0F:7E:40:8D:61:95:E2:F2:E4:20
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
tap-log.com
www.aarfeen.com
antpool.cloud
skfitness.apithlete.com
archivedao.org
agenda.axiu.ai
www.bandileshabangu.co.za
artist.beautinda.de
binoaktiv.no
blackscale.tech
bluewalm.com
breydigital.in
www.caylerandsonscaps.de
chengbo.pics
www.chengbo.pics
www.cloudconnection.in
kav-systems.co.il
www.befile.co.il
virasatgroup.co.in
www.niyatibhat.co.in
www.deepurider.in
defter.im
www.deyang.rest
digitalmarkein.in
app.diliapp.com
dreamlabs.studio
hallpass.drevtech.com
jfse.drtis.com.br
www.earpulse.co
ecwebdev.ca
shaima.exthgen.ai
consult.georgetownenglish.com
www.gext.it
jjokji.ggm.kr
ghsoluciones.com.ar
grupozapys.shop
www.habl.app
www.haii.io
wake.hedaro.com
do.highvaluegrowth.com
www.hindurhuchischool.in
hipstrong.ie
aws.hola9.com
hsgfinance.in
www.hyperchill.ltd
shop.birendrathapa.info.np
swan-traveller-staging.ingogodev.net
internid.io
www.iolite.software
academy.jakartalabs.com
joinfithabits.online
localcleaning.co.nz
lsvconsulting.agency
navigointelligence.com
networked.events
www.nkyoto.co.jp
school.nothingbeforeweb.com
tcaht.novila.xyz
desktop.dev.omedom.com
pixel42studios.online
app.postredi.com
quotefi.xyz
resilience-technologies.org
rn-drawing-docs.ryky.tech
saay.app
satiyon.com
www.savylogistic.com.au
say-cheese.ro
serveandlead.com
sistemalibris.net
slopebear.com
www.smartreceptors.com
esmt.snapmentor.no
snsinternationalmarket.com
www.sohibkerja.com
qa.soundimage.io
lendwise.subbuapptech.in
transported.surtani.org
tokyo.mocks.synesthesia.dev
tarifasistani.com
techistconsulting.com
telsys.io
thelastaccord.com
theplato.in
theseus.pro
thowjeeh.in
thrinath.in
www.thrinath.in
towhid.info
www.vernimur.com
vintagemediatreasures.com
karancard.vyskatech.com
watchnode.net
whatgenius.com
win-financial-partners.com
wizzi.io
wowtr.tr
whatsapp.yesbee.in
www.zenriotech.com
ztud.io
Other domains in certificate