Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=link.areenasports.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 07, 2025
Valid Until
March 07, 2026
75 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CA:B6:FB:02:F6:BD:D3:76:68:31:1A:A4:27:45:B2:60:09:7F:3F:96:8D:7C:5C:59:07:D8:8B:3B:18:65:CE:3D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
test.devprestigeride.com
app.2doreview.com
63red.app
dev.accesscareapp.com
advertorials.nl
afrinov8.com
alarinaproject.com
appsolutefuturetech.com
link.areenasports.com
bebsabook.com
staging.bigordr.com
www.blockloop.tech
app-stg.boukili.ca
resistime.bracelit.es
www.bromley-conservatoire.co.uk
report.nexxt.bycopilot.com
catmuzzle.jp
www.chainswap.org
chanto.io
manager.chego.app
app.cloud-ace.com
www.codefutura.com
colinlarson.ca
www.contax.mx
dal.staging.admin.convercus.io
b2b.darwin.ua
diversitus.com
early.cl
carreiramuller.educpay.com.br
egodziny.pl
dev.evolist.app
tweetmark.filleduchaos.com
parrysound.firepermit.online
flutteroiditservices.in
friend.loans
www.game-cradle.com
gloudi.com
gofeds.com
app-dev-v2.gospurr.com
www.grace-lounge.de
haruirotakamatsu.com
pat.hcc.links.healo.app
dev.healthread.com
reptile.heydanhey.com
highschool.my
hoianbasketboat.com
reuben.honigwachs.co.za
luungocloi.id.vn
luxaztk1860.id.vn
www.inovafit.si
www.quiz.jaksmok.com
davyrv14.jaredsolomon.net
jhonland.com
karaokist.com
www.lascalamalaga.com
lifeassistant.com
join.longwalks.com
stg.mikoshi.io
mqdr.eu
japanese.nightcreationstudio.com
nyqu.ist
mksales.stuhhes.or.tz
unlimitedprinting.sandbox.orderprinting.com
oshi-colormaker.com
www.paolopasqualin.it
pfintools.com
phototuneai.com
www.plusonesolution.com.au
poppanda.club
qa-app.populi.ai
cdn.poradnik-transformacja.org
rc-online.reflection-method.com
www.roydenbrousseau.ca
app.senseweb.pl
www.sexy6.in
peppie.simontonsoftware.com
app-blog.smartcricket.com
cdvsmrlc5fhzfcnicphv.smartimob.io
novaxavantina.gerenciazap.smartmidiasdigitais.com.br
goldgym.sogafit.net
squireconsultancy.com
startrips.org
stepstopodium.pt
www.stlswing.dance
www.stockcontrol.cloud
www.stomio.io
strack.ninja
stubchat.com
firebasedesign.superlogica.com
tordle.de
research.valletta2018.org
auth-dev.valleypos.com
www.vicc.fyi
app.voiset.io
wavetotable.com
affiliate.websiteservice.co.za
signup.withyou.net
clients.woqoof.com
hclive.your.church
staging.zenport.io
Other domains in certificate