Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=firebase.migaku.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F6:6B:A6:B1:72:22:D4:09:71:1E:05:3C:E0:CB:45:AD:A4:4A:14:C8:56:B4:07:2D:8E:39:25:88:B6:CF:AC:BA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.omaka.mx
830knight.com
achadosstm.com.br
agronovas.uy
site2.allyable.tech
alzaidy.sa
app.asopos.nl
admin.badgecred.com
link-accounts-dev.biocertica.com
bhyve.blacksmithlabs.com
www.bricoda.net
carp.network
cephalchemist.com
tv.cgmj.org
www.chartoy.com
command-center.chilli.club
clusterlabs.com
www.cockloft-artist.com
www.congregate.me
www.crewmind.co.uk
link.cubebik.com
auth.panelytics.prod.da-service.io
darakhzai.com
www.darakhzai.com
stg.dentalmap.jp
dracarolinaparra.com
referral.eblocky.sk
edusphere-lms.edthos.com
www.expect.digital
www.fast-budget.com
forecast.my
www.frederickirchhoff.com
painelmahatma.g2canal.com.br
gooddogs.xyz
greifmatthias.be
grocerieslist.app
kecleon.hanse.ventures
harpy.gg
preview.hundertschaft.com
controllers.icacs.io
kitakon.pilot.ictlao-soft.com
app.infina.vn
betadashboard.ipercash.com
account.italian-artisan.com
itsdone.app
cindomatch.jonajo.com
biz.justthankyou.com
iotconnect-hauber-graf.kapion.de
kilnrpg.com
app.kopark.io
app.lancasterbaptist.org
leontaylor.co.uk
sct-prod.da.letsdive.io
luango.com.br
www.mapin.me
firebase.migaku.io
ocean.mirreal.net
www.mjlawson.net
monnopz.dev
mumbl.name
ninhvudigital.com
trakan.npo-jaaa.or.jp
vmpl.texbit.otobit.com
epg2.packarabia.tv
permmoore.com
admin.pomelo.io
popiply.com
www.praythedice.com
www.primospizzacarbondale.com
craig.profile3.io
abbott.pulpouplatform.com
devadriel.quantiqup.com
rastox.com
www.rbcschicago.org
best.renumia.com
www.savrpay.com
six.seattleindies.org
sellwith.live
referral.snapfood.al
yeloo-dev.solfun-tools.com
sonomai.com
adnet-link.spaceeight.net
www.spades-game.online
sn2o.speakylink.com
sualoto.com.br
testsmell.com
thehpl.in
theyu.net
thingular.com
tjrcadd.com
tradexagent.my
uforetrygd.no
xro.ultraxas.com
voskcompanymining.com
www.webasembly.com
wesselbuchling.com
xai-demo.de
app.yoonify.io
hclivetest.your.church
zipmap.io
Other domains in certificate