Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=shop-dev.fresto.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 04, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CD:FF:2C:27:2E:0D:04:42:F8:40:D0:4E:B3:02:12:BE:98:30:11:F8:33:C5:D4:B0:A7:0D:78:58:FD:DD:88:A7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.face26.com
adeebahmad.com
alcoprinting.sg
www.aperturewideopen.com
idt.apli.app
dashboard.avdvvn.org
form.awsankara.com
www.bernardotavera.com
apps.cec-projekt.de
www.chirr.app
japam.chirravuris.com
chymakii.com
cloudhop.in
erp.editt.co.kr
copy44.ru
auth.corretoramarcia.com.br
api.creatordb.app
dashboard.creekmore.marketing
zema.crostudy.com
www.danielroyo.com
datestress.nl
www.debiasi-comploi.it
www.ditchyourcards.com
dkterma.com
demo.ducksoftware.net
duosys.gt
app.einweisungsapp.de
farmssystems.com
fenek.eu
dev.fframe.app
slides.findera.app
fivestarsmeat.com
framingeinstein.com
www.frequencya.com
shop-dev.fresto.io
organisers.game7.in
www.hatchapp.net
hiteshrana.in
beta.homeappter.com
www.honest.plus
hudaapp.com
ideawale.com
ilovecheddarcheese.com
buy.invcreate.com
advisors.ischoolconnect.com
www.ishaankarnik.com
hr-admin-dev.itlicious.be
jillianashleybruyere.com
www.joegelay.com
staging.k-9access.com
dashboard-remote-expert.k-digitale.com
spt1972.kalliopesoftware.dev
kotie.com
landscapermn.com
interview.leeguoo.com
www.lemondeestunecamera.com
ops-staging.limber.work
livehear.it
www.locker.fi
lostic.xyz
kiskiai.lygis.top
www.madkoala.com.au
mailto.io
skillcheck.mamagakuonline.com
manharbhola.in
menupty.com
modernsmartspaces.com
app.movable.co.nz
mtigcascalheira.com
www.tallerdtres.net.ar
www.nocturnal.games
appqa.onepay.cl
phyathai3-prestige.plaping-dc.com
primerestock.com
progressier.com
www.quickcabjorhat.in
radaba.id
link.ridmik.com
simpleretro.xyz
blogg.somedaybusiness.com
app-staging.stomio.io
verified.storymight.com
rmsoundboard.studio42dev.com
quiz.syoung.fun
fire-apac.sandbox.tapico.cloud
taskplanning.app
thepcrtest.com
beoordelingen.timingcoach.nl
beheer-test.toegang.org
navn.trycreative.tech
twic.jp
www.twomoons.xyz
www.ufincs.com
app.undock.com
useopti.com.br
varend.in
www.voiset.org
wavexabyss.co.uk
calculadolar.wenoa.studio
demo-blue-archipelago.wiselysoftware.com
Other domains in certificate