Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.getredeem.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 07, 2025
Valid Until
March 07, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F0:4A:7B:4A:0E:6C:BE:65:48:53:9D:CA:F6:AD:6B:0B:EB:D8:0C:D5:6A:99:12:86:EE:38:E6:02:CE:C9:CC:08
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.alpwcm.com
3-space.com.mx
groundup.abacus.co
flynn-labelers.aimmo.ai
www.arney.com.au
dev.autogramm.io
app-dev.blackuptech.com
app.brillanz-service.de
mike.bundy.dev
app.camlanngames.com
cilat.online
clinicastyma.com.br
stockreport.boolio.co.kr
codergym.fit
dantelstore.com
app.datadumpling.ai
business.dejafood.com
devprompts.ai
diamonddconsulting.com
go.drivs.io
www.ebatechnologies.com
eddiebush.me
curriculum-virtual.edsoncamargo.dev
webeditor.educobot.com
web3.emendes.com
dashboard-staging-mtls.ensodata.com
www.expanddata.com
gdqu.foodle.su
www.formworkflowplus.com
franzz.app
associadosincomerciocatanduva.g2canal.com.br
www.getredeem.com
qr.helloband.dev
huegoal.com
iamsimonc.dev
info-quintessence.hr
web.instaeats.com
ironfitness.in
www.ishalearning.com
parking.ismartnav.com
manager.kangusmart.com
www2.latentidea.com
learncs.io
lisamaccarrigan.com
chimera.littleobelisk.com
social.marilyncordova.com
app.meaprova.ai
www.mertensit.be
baby.militutu.com
teacher.minisuku.com
pasreform.moreapp.com
musicalbucherdigital.com.br
myprojectcorner.com
app.navisaviapp-links.com
www.nuraksworld.com
admin.olimpia-botanica.com
optimisticparadigm.com
oumarbenlol.com
www.bookscout.oxlac.com
app.participaction.com
h2k.piticommerce.com
www.pmuxdv.com
www.protensao.org
raysasv.com
test4.res-cue.com
www.rishabhk.com
rounda.co.jp
www.samsinfosoft.com
scoutmode.com
sebasarango.com
shebhosting.com
internal.shiftlive.jp
smokinbuns.com
smokyvalleyupholstery.com
salesman.sp2smalaysia.com
www.spiceceylan.com
slider.sqiffer.com
esci.strategicinsights.co.za
www.straylab.org
www.superhome.ai
api.superinfo.com.au
sushihousevilanova.es
thepartners360.com
hillsgsf.thepetdoor.asia
www.treevox.com
trespiel.es
www.app.unepstrata.org
unwalledgarden.com
ucontrol.telecom.utelemetry.com
uxatik.com
vambuu.com
vasco.work
www.vedantacalgary.org
www.veterinaria-jalisco.com
www.waitcle.com
wenheymobi.com
williambanquier.com
kids.wineazy.com
contactless.worldofsos.com
staging.business.zeno.ltd
Other domains in certificate