Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=binxu.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 05, 2025
Valid Until
January 03, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
54:41:A8:E3:23:C5:96:8C:59:B5:A6:AC:55:96:DA:E0:B9:9F:83:95:7E:D3:81:1F:3E:D1:29:92:6C:DD:57:5C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.daystay.ph
www.365-promotion.com
www.4085old3c.com
apollonea.com
awee.live
www.babynatal.com.mx
bailey.marketing
www.bdas.fi
www.bestonapps.com
app.beyondnetworking.ca
binxu.io
restaurantes.bom-ec.com
bompsyche.kr
sonnen.bregnvig.dk
www.brendondugan.com
labz.broccolirecords.com
zcv.broccolirecords.com
buffalocityapartments.com
www.canidrivethere.com
cermainc.com
bridge.clintex.io
bscstake.clintex.io
src.rohan-koirala.com.np
enlink.dnse.com.vn
klippa.compli.nl
getcreative.d8a.me
app.delicoffee.es
devproj.com
cms.discriminatiemelder.nl
simple-links.djmoberg.com
eirik.io
www.escapades.dk
ffrk.jp
fieldflowlogistics.com
demo.fintalent.io
fluffyfall.com
g2corp.g2canal.com.br
geneburnscounseling.com
gietvloermakers.nl
gloriaescobar.com
www.gustavoavila.dev
demo.hdoc.io
www.hrabrenjuske.hr
goyos.hrtech.com.br
hurtigruten-schweiz.ch
internethogar.com.mx
beta.journalpanacea.com
isabelle-bm.ju-ch.com
karaokejockey.in
staging.kulturecity.org
locibook.com
lyanroy.me
despesas.malvre.com
www.marian.work
www.matheusdesa.com
nye.mcbarron.net
portfolio.mcmullin.app
momtter.com
mugprinting.in
alfarell.my.id
booking-kit.mymoons.mx
omnia.tel
kds.bbcj.omo-cloud.com
usala.parsii.co
www.penzionstaraskola.eu
pizzamoureux.com
plusvision.co.jp
sports.practicemakes.io
queryconsulting.hu
www.rbper.com
app-staging.rebentify.com
www.reikista.com
star.ritterlarsen.dk
www.rivoluzionepsichedelica.it
cursos.samsociedad.com.ar
app.setaside.money
alpha.web.sharezone.net
shayder.space
qa.platform.simskills.io
app.skinlux.at
www.skl.ro
socialvelocity.io
vesting.spacefalcon.io
stocksnblocks.com
www.studiopozzicommercialisti.it
www.stygianlabs.io
sunsoup.art
www.tamasha.live
schedu.edifyin.teamin.in
cobot.techflo.io
www.teesnipe.com
tinvoice-staging.tintash.com
tuntscorp.com
chat.twerdy.co
www.vendettarossa.com
cnca.vertikaliti.com
test2.wavpe.com
wwwgoogle.fr
yadils.com
zigii.net
Other domains in certificate