Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=staging.alpharoot.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
70 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8A:7A:40:6A:9F:ED:BB:D2:54:9F:B1:58:03:29:C8:3D:41:32:6A:27:E3:EE:D3:F0:99:C1:2B:D4:E6:A2:30:F4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
townsoft.jp
app.297logistics.com
staging.alpharoot.com
app.aperio.me
aviaterobotics.com
bagdadchasegoldminingcompany.com
ekycuat.banexcoin.com
partner-app.beep.club
entrust.betrustworthy.ca
www.bevdb.org
www.blackoutkey.com
bruceackland.com
caata.in
www.shop.cardsearcher.cardbox.sc
www.castodian.de
chrismuzzin.com
chuabatnha.com
cloud-vim.com
kastaraocean.co.id
www.dbracha-law.co.il
www.rekatekstil.com.tr
www.lariales.com.uy
www.crosslog.life
www.ctlife.us
portfolio.davidgranado.com
dfwontap.com
profile.digme.dk
doumbouya.dev
xuf6dge0.easyapp.co
td.edu.vn
www.edunow.co
tools.el-darto.net
casadodesign.esad.pt
expertfinance24.com
www.exquisitecorpse.club
fcs.re
fmad.ca
foxprotege.com.br
lumentop-staging.fyne.studio
goalyapps.com
beheer.hallovriend.nl
plan.heob-ip.de
www.howmanybeds.com
dev.invenio.indusenz.com
inventhor.com
ivanvotti.com
www.jacknutrir.com.br
www.jellylabs.co.uk
joconde.ai
josephbiden.vote
www.kilnrpg.com
thisplays2.kiosk-admin.com
konkon.me
kudafreelance.com
find.kumunua.kr
www.lahenlvi.fi
sct-dev.da.letsdive.io
www.littleacewedding.com
app.lumin.business
staging.maxer.io
design-approval-futura.moons.rocks
mythicalsociety.app
www.noodl.io
www.ollis.app
pajor-hodowla-papug.pl
app.pamodigital.co.uk
peetplaat.nl
linktree.pethereum.io
links.podeperguntar.com
prismlux.com
pskhan.com
puregracecleaning.com
speedometer.pwa.run
r-touches.be
rajascafebar.com.br
richardnguyen.rcadvisor.site
meac.sasanm.ir
www.serveox.com
xintl.skybounddev.com
jamboree.snapmentor.no
socaldpa.com
www.solidusertest.com
www.starlinkzuela.com
stgdconventschool.com
sunny7.co
www.suryanenergy.in
www.synaptiq.co
thedevguys.ro
console.tilt.rest
staging.console.tilt.rest
timecount.tlegal.app
www.torche.io
www.vilano.org
app.engage.dienstek.voyagernetz.us
www.whatproblem.dev
workandrise.com
stage-admin.triple20.xhibithub.com
auth.xyan.dev
yodaniel.com
www.onboard.yoyoreact.com.au
Other domains in certificate