Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=widget.powerfeedback.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 10, 2025
Valid Until
February 08, 2026
70 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
49:C2:69:08:54:05:12:4A:13:DE:0B:B3:31:19:53:FD:32:4E:22:16:66:F4:6F:EF:65:54:E8:51:C3:9F:6C:96
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
anofox.de
2planner.com.br
act3sol.com
ai-dreams.net
ttlsubsea.anekonnect.io
sunwatt.ar-energia.com.mx
app.argentinaassistance.com
checkin.kce.atomx.asia
aussiesofttech.com
staging.avivanaturals.site
avyukt.net
bakhooralanwar.com
bibeltag.org
www.bibeltag.org
bmass.app
brainrot.ch
foodlens.app.claudiopietraviva.ch
rabbitfoots.co.in
www.codingcabin.org
cpningenieriasas.com
manager.csport.app
manager.cuadra.com.mx
fruit-testing.denict.com
www.deniskarpenko.ru
echoesofexpanse.com
elynch.info
demo.entrig.com
eoscertacademy.com
www.gamesmith.in
garciaytrejo.com
getoy.de
app.hodai.globis.co.jp
osaka.grace-pro.jp
greenappleschool.in
gustavoelprofe.com
hambletonlandscapes.co.uk
hiddo.live
hotelvippraia.cv
i360.la
nguyenminhduc392006.id.vn
tracenode.it.com
itaqwah.store
jaquin.net
jeffsheffieldart.com
joe-shea.com
jonathanborg.net
khauho.com
auth.landdding.com
leroclangres.fr
apps7.lumapps.link
luxecommerce.cz
ai.maltu.my
admin.sandbox.manifestfinancial.com
connect.sandbox.manifestfinancial.com
mgy.one
www.msofficeforlaptop.com
staging.myscantag.com
nana-chia.com
www.newtricksbridge.club
maegis.noeupapp.com
espelho.nowplataforma.com.br
optara.com.br
www.optimaxsoftware.com
resources.orogamis.com
performatrix.in
pharmor.in
app.pilleye.io
pokoleiksiazki.pl
widget.powerfeedback.io
service-dock.prayser.com
app.public.proteinsoftware.fr
urlshortner.rkoppisetti.in
jeffrey.rogie.rs
inovar.sahainfusoes.com.br
www.servigest.com.br
signaturecollections.in
www.smartgenesolution.com
softolina.com
solanaweb.site
spherefox.com
www.spragueawning.com
srikamalambikapapers.in
sunopromptbuilder.com
tackletracker.de
talian.rest
www.techspert.ph
echarge.teklysolutions.com
dre.tetra360.com
thebotninja.fun
tusk.dental
twistedrealm.net
unico-app.eu
www.upuranos.com
www.webninjapr.com
wkstyle.jp
hd.xevstrategies.com
ytrankify.pro
trendoz.zechra.org
staging-hot.zenport.io
www.zikrapp.co.za
Other domains in certificate