Open
Cached
·
just now
88/100
SECURITY SCORE
Certificate Information
Subject
CN=heifergrowthtracker.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 04, 2026
55 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
66:0E:41:6A:95:DF:DE:09:C6:F5:60:7F:0B:85:8B:A3:6B:43:92:32:BC:A8:F0:E3:C0:25:56:8A:F5:F7:49:83
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
accelerometer=(), autoplay=(self), camera=(), display-capture=(), fullscreen=(self), geolocation=(self), gyroscope=(), keyboard-map=(self), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(self), usb=()
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
activepower.solutions
norma35.administracion-360.com
aerialjogagyor.hu
aict.aimmo.ai
dev.amiti.online
dash.ammeconsultorios.com.br
appi.cl
arqbim.cl
www.autoskopen.eu
sccschwerinvolley.deeplinks.bfansports.com
www.bigbunbudget.com
beta.builder.io
connect2bet.bzwr.net
appauth.canvidapp.com
rsvp.carola-lukas.eu
tech.cha-chi.in
mobile.casham.com.do
www.creativemaybeno.dev
dancechaos.com
testing.session-management.dataplace.ai
ingenuity.deskbooking.app
api.doid.dev
www.eastbluetech.com
www.elmshore.com
www.em3law.com
complus.enordigital.com
test.finvari.com
staging.fitnesspilot.com
app.fitreflex.com
inv.gataly.com
admin.golfinity-app.com
dow.goodgiving.com.au
greatjoy.today
harleybrito.dev
heifergrowthtracker.com
dieukhienquatrinh.id.vn
demodata.immodigi.app
incloudusa.com
is-my-baby-ok.com
app.jofanetwork.com
join.how
jyacot.dev
www.k3-sportmanagement.com
external.kards.fr
dev-auth.neuron-dev.keurig.com
www.kremers.co.za
lemihundesalong.no
www.locketcamerabeta.com
www.lonefisher.com
www.app.loqatio.com
www.lyfezen.com
salesplanr.midteide.com
minefavoritter.no
stg-app.minna-no-ginko.com
minute-log.com
myhopeplan.org
padel.nisart.eu
chart.novorpm.com
staging.oglethorpelodge.com
www.dreamtech.oshanrasanjana.online
par-t-cart.com
passive-income.pro
pivotalvaluedata.com
planetebleue.art
panel.printapic.hu
www.eduardostuart.pro.br
provement.se
admin-staging.pubq.se
analytics.qa1-raksul.me
quickstats.ca
www.redmedia.com
admin.sailcourier.com
saludjusticia.com
saudistatus.com
app.scalenda.com
cigrid-stage.scilifelab.se
sharangpai.me
mission.skore.dev
slavko.dev
www.smartway-ksa.com
www.soothe.me
my-home-qa.sophos.com
lutrivia.sqwadhq.com
www.stephenprabhu.com
www.strack.ninja
www.stuartrestaurant.com
suitescreen.tapacenter.com
rebecca.teedteed.me
thecolorfulcase.com
www.timandrisa.com
www.tivvit.dev
dev.trainingsmag.net
traxise.com
tripletize.nl
www.tutorandlearn.com
vacatube.com
hetzner.varahealthcare.com
villeband.com
vuyio.com
app.jornada.waylogtech.com.br
Other domains in certificate