Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.sperleinlaw.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 23, 2025
Valid Until
December 22, 2025
43 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D9:98:7A:19:C2:54:5F:02:79:50:D1:39:11:40:B1:68:88:74:7D:CB:5D:35:F0:6D:86:8E:37:5B:EE:D8:85:FC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.gifygram.com
rh360.preprod.1st.com
arboles.acifuina.com
echeancier.ad-education.com
www.aic.dog
things.ajwd.media
www.alrehmanquranacademy.com
amznfinds.store
www.animeverse.co.za
app.annieandnate.wedding
www.apnetruck.com
www.apseng.com.au
www.ashkyle.com
assinare.com.br
wilsons.auassist.co.uk
mobile.slump.binni.co
bitto.jp
bridgecontacts.com
build-a-gazebo.com
app.catchme-app.de
patrickmadden.patrickmadden.clooster.com
www.aipr.co.kr
www.siip.co.th
pomodoro.code2d.org
dev.creativetherapy.app
cyboryx.com
www.danxax.com
dayonetechsolutions.com
dees.tokyo
diagnosity.in
www.ad-portal.diamondservicesusa.com
test.duckmouse.no
www.engrish.fail
www.exposeexperience.com
business.first-iraqi-bank.co
foryoursweetheart-freescreening.sg
www.glassplac.es
grshorinryu.com
reminders.harmslinks.ca
haywardshorsemanure.nz
app.headero.com
www.hensmon.de
ecal.herb-garden.dev
golani.highlander.cloud
imoveisbaruffi.com.br
research2.inukailab.com
www.iofext.com
ismileorodentalclinicleh.com
jlainteriors.com.au
jlocatio.net
johto-software.com
www.johto-software.com
consulting.juanguarin.com
jamroom.liveombre.com
lk-panenka.cz
lokveeraj.com
mahditalal.com
cms.manchestercodes.com
maxjndg.com
tickets.mymoons.mx
partner.nictpay.com
notify.nside.io
www.ofiebaako.com
olewinai.com
omraz.com
www.onsail.io
ordunodev21.com
pokefinder.owenhay.es
www.paloaltoturismo.com
triumphbh.pessego.com
www.piccolometrix.com
pocketland.com
community.quadqode.com
www.rabbitdoyenne.co.za
www.repairscard.com
seolentop.site
servermemo.com
mobileapp.setoko-test.com
www.menu.shot.ae
slared.cl
app.smarthamster.se
solofindr.com
www.sonar-me.com
www.sorobanquiz.com
www.souqtajer.ma
www.sperleinlaw.com
dls.sprxvr.com
szoljonrolunk.hu
thebonningtonbeast.com
www.thepcrtest.com
tiendex.com
www.tsutlovic.ca
turnsit.com
virtuosoassist.com.au
www.simon.whomever.dev
wifi-speedtest.com
writingstudies.net
www.wyawin.com
demo.callbot.yitec.net
www.zazzy-ai.com
Other domains in certificate