Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=bechdeltest.dbr.mn
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 20, 2025
Valid Until
February 18, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E0:33:F7:52:3E:E3:07:DA:37:D5:B5:5A:07:E3:32:E1:5F:39:CD:69:E6:2D:1C:F9:8E:8C:B4:15:5F:7C:CE:56
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.line39.com
2018.devfest.ch
houseoffades.adaptivemedia.dev
agploy.com
alexarte.eu
app.dev.alignwith.io
links-tracking.alltrippers.com
raion.amnotify.com
andyarias.net
app.annoframe.com
www.aranalbandian.com
www.aree.ba
atheneasolutions.com
www.atstk.com
bitesbridge.com
bluerippledigital.com
bradwhitfield.com
apps.c306.net
casturl.com
catalfotechnologies.com
celebsapp.com
ecc.cems.app
admin.cgame.app
referral.ajaib.co.id
smop-link.togu.co.id
coldice.net
vcp.freshup.com.hk
www.comefollowmeapp.org
dev.commandeer.rocks
cpak9.com
auth.cuttles.us
auth.ej1.cyberhaven.io
bechdeltest.dbr.mn
decofurn.co
dersinvitational.com
www.diviniti.tech
app.doceo.link
www.drugcare.app
eahanatuitions.com
www.eluketric.com
engrammic.com
etagamma.org
resident.fetch.st
legacy.homehabit.app
app.hundefreunde-wu.at
innogehlalab-cmu.com
juned.app
www.kayamataband.com
admin.cirebon.kindergym.id
berriespartners.klayware.com
www.le-bar-paris.com
www.letshike.co
licitou.com.br
staging.business.lifebrand.life
linelesslife.com
www.mannaltecsettlement.com
admin.mathasa.mx
typingtool.matrixengagementgroup.com
mgjs.dk
mistrygardening.com
momok-r-blog.xyz
mynutritionstation.com
www.nesteggapp.com
noncents.games
www.obakemask.net
obavestime.rs
www.paysly.io
app.picky.vote
report.pilargapuranusa.com
www.pradco.in
premiumwebsitecreator.com
demo.core.prestoexpress.co.uk
horne-vi-qa.psg-labs.com
payments-test.pubq.se
int.pulse.cash
rakumi.jp
admin-staging-5.rapidsearch.app
beta.portal.riggsdavie.com
gentwitterkensakuurl.romantique.jp
www.royal.wine
d6-dev.rubyx.io
auth.sayfresh.id
www.sheild.life
shinefunctionalmedicine.com
www.samtadoot.shrameco.com
slidepro.studio
rei.slsllp.store
online.smartseniorsavings.com
softwaretestcourses.ie
www.spanishwithbenito.com
www.stevehwg.com
prod-v0.tecore-client-cdn.timeedit.io
tioha.com
www.ul.no
www.vapaux.co
www.vvdlab.io
manage.vytlsft.com
www.wesmcada.com
wheelofnames.xyz
v2.zigbuddy.com
Other domains in certificate