Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=notes-staging.fieldmargin.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 13, 2025
Valid Until
January 11, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E6:34:42:B9:69:DE:BB:6F:6C:C9:76:3E:45:74:5A:F9:30:6B:E8:D3:1A:B5:58:C8:F4:65:86:B0:24:0D:0B:1E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.ela.network
ranipet.1droptaxi.com
salem.1droptaxi.com
www.99ideas.es
www.abad.tj
otodeger.acrfilo.com
akicon-app.jp
attractionsupporttest.amero.dk.attraction1.ameroservices.dk
anaghatechnologies.com
www.aprenda.app
ashleymethot.com
awesome-launch.com
app.barglance.com
bindebank.com
www.bindebank.com
bookstack.co
www.cadiviazadur.it
campsyte.jp
cielonow.ca
pet-tracker.cloudscript.io
hackaday.sirisoft.co.th
app.citymall.com.mm
admin.futuresteps.com.sg
carloso.com.uy
defpotecmx.net
delautrecote-garlin.fr
dieta17.pl
docode.se
app.easelry.com
notes-staging.fieldmargin.com
fisiolog.com.br
frans365.com
hm.freeflyers.com.au
vac-rsa-app.frt.vn
bluebear-admin.geneowebapp.com
production.gets.cloud
ghoody.com
requester.link.gigsmart.soy
www.hermitsrest.com
app.homeforever.org
www.hybridshivam.com
www.inststoalanko.fi
www.jasperreddin.com
jeroendevries.me
www.jokincuadrado.com
jvelaz.com
www.donations.k-9apps.com
www.kikbak-app.com
www.konyataksioguz.com
lanccikorea.com
www.leqembilocator.com
annonce.letrico.nc
lsbcus.littlebitpositive.com
nongdan.loctroi.vn
api.nimda-2.love4succulents.com
link.manualdablogueira.com.br
kohlipe2.mapleworkspace.com
www.mariosushi.com.mx
www.masteemoji.com
auth.measureschool.com
auth.milo-ml.com
www.mosevang-jelling.dk
app.myfishingmaps.com
www.native-tech.net
appwiz.netomos.com
dashboard.oaimstudio.com
www.omamacoconsciente.com.br
osorioyortegainspecciones.com
dev.outflank.com.au
www.packersne.ws
petcircle.dev
petspier.com
sponsor.pharmaawards.ie
solitaire.pmang.com
prabhakarselvan.com
www.rodrigorosario.es
www.roonlabs.com
s2e1.com
shriramnursinghome.com
siciliavacanze.me
sjctrust.com
southwestrebar.com
spearheadinc.com
spunkyfantasyparties.com
elite.swifs.io
www.swipe-up-to-play.com
swyftpos.swyftech.com.au
www.taxiserviceonline.fr
admin.tennerapp.com
www.thetiburondon.com
treysumida.com
uifaces.com
unknownartifact.com
app-staging.uprise.ai
www.wanpass.me
www.warofcolors.com
dacadoo.webplayer.fit
wehbdeveloper.com
manager.wittar.io
zeusfreightforwarders.com
Other domains in certificate