SECURITY SCORE: 89/100
Certificate Information
Subject: CN=prestigeloungepa.com
Issuer: C=US, O=Google Trust Services, CN=WR3
Valid From: October 27, 2025
Valid Until: January 25, 2026 (44 days)
Public Key: RSA, 2048 bit (Adequate)
Signature Algorithm: SHA256-RSA
SHA-256 Fingerprint: 8C:91:97:AE:E3:91:E8:1F:8F:C4:75:35:84:6A:0A:41:47:AC:0C:44:8E:9B:24:5C:D2:09:E4:3F:D4:53:CB:78
Alternative Names
Security Configuration
TLS Protocols: TLS 1.2, TLS 1.3
Forward Secrecy: Supported (Modern clients use PFS)
HTTP Security Headers
Header: Status (value)
Strict-Transport-Security: Excellent (max-age=63072000; includeSubDomains; preload)
Content-Security-Policy: Basic
default-src 'self' 'unsafe-inline'; worker-src 'self' 'unsafe-inline' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' workona.com *.workona.com cdn.mxpnl.com *.firebaseapp.com *.doubleclick.net *.google-analytics.com *.googleapis.com *.googletagmanager.com apis.google.com connect.facebook.net js.stripe.com www.google.com www.gstatic.com accounts.google.com *.hotjar.com; connect-src 'self' workona.com *.workona.com *.google.com *.googleapis.com *.google-analytics.com accounts.google.com *.mixpanel.com *.found.io api.unsplash.com *.hotjar.com *.hotjar.io; style-src 'self' 'unsafe-inline' fonts.googleapis.com accounts.google.com; img-src 'self' https://* data: blob:; media-src 'self' https://*; font-src 'self' fonts.gstatic.com cdn.workona.com; frame-ancestors 'self' workona.com *.workona.com app.clickup.com; frame-src 'self' firebasestorage.googleapis.com js.stripe.com workona.com *.workona.com youtube.com *.youtube.com *.youtube-nocookie.com *.sibforms.com *.doubleclick.net www.googletagmanager.com www.google.com docs.google.com accounts.google.com calendly.com meetings.hubspot.com *.zapier.com zapier.com;
X-Frame-Options: Missing (Not configured)
X-Content-Type-Options: Good (nosniff)
Referrer-Policy: Present (origin-when-cross-origin)
Permissions-Policy: Missing (Not configured)
Recommendations
- Improve CSP by adding more specific directives and removing 'unsafe-inline'
- Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records: Not Configured (Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names: 100 domains