Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=curipha.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
60 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
18:A1:17:01:7B:A9:B5:64:19:FC:4D:DD:EE:21:C9:3A:15:24:E0:A3:FB:D1:38:6B:36:68:06:79:B4:12:5D:54
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
user-auth.huddlebrasil.com
staging.101southmarengo.com
www.aemlinks.com
www.aeonsportsperformance.com
pretmex.akibaa.com
www.anujandemily.com
home.barracks.gg
rallystats.bronzelabs.co.uk
casaarriazu.com
www.cash-discounts.com
www.catherineoakes.com
dev.chroniker.co
b.cirmena.com
cafeduran.clau.io
www.cliftleighcarwash.com.au
worship-songs-m.thearchitect.co.in
stockreport.boolio.co.kr
curipha.com
www.datails.nl
dcskneeboardbuilder.com
business.dejafood.com
domu.plus
obrain.dugward.com
www.eisenmatrix.com
www.fixxerupper.co.uk
find.games235.com
fullspeedracing.games235.com
happyglass.games235.com
poppoprush.games235.com
streethoops3d.games235.com
towerclimb.games235.com
gastrodelivery.de
portfolio.giuseppenappo.site
crm.globalstarprojects.uz
app.gloo.chat
app.staging.go-2-work.com
admin.goboxusmx.com
www.admin.goboxusmx.com
academy.gohacking.com.br
guitarlessonscanterbury.com
www.harmoniebiervliet.nl
www.hcanywhere.com
www.ican.chat
app.istrive.io
www.ixiasolutions.com
www.jengabim.com
kevinzaki.com
www.kramer.tools
lb-wykonczenia.pl
stage.logomedo.com
ingamenews-admin.lotum.com
www.maheshwaricaraccessories.com
mercadeiro.com.br
www.merklewood.com
miki-imai.com
mycard70.com
www.myshout.co
axis.natmatsci.ac.uk
www.neighborhoodally.org
nubile.sexy
app.onyxprivate.com
oolab.co.jp
oshunwide.com
pochitime.com
powow.co
recipe.pruim.co
app.ptnurse.com
quotingcentral.com
status.ramoncuni.com
rapbattle.online
redvalerian.com
www.rglvn.com
roulettedarts.app
seakast.com
body-score.shinyorke.dev
sdis71-app.speakylink.com
sdis71.speakylink.com
esci.strategicinsights.co.za
www.suscomp.com
auth.swazzen.com
tabi.dev
www.thelin.app
dev-links.thestardustapp.com
tierla.com
tomosterbind.com
tpbiochemtech.com
shipcraft.tribal.app
trickstrat.com
trondheimhundehall.no
www.trumfosdelpirineu.com
tsukuaso.com
console.widget.unifyapply.com
unit-ease.valeera.co.nz
stanford.visionbeyond.app
warcomposers.co.uk
wellet.us
www.customers.workeo.us
calc.ygotools.com
www.yoonicode.com
zntsns.com
Other domains in certificate