Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=prenota.paiazo.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 24, 2025
Valid Until
January 22, 2026
47 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4D:66:18:DF:2F:80:C5:BB:96:45:4A:9F:A2:34:72:2E:31:F0:7A:DB:90:47:1E:74:EC:A7:68:49:85:35:18:CE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
axiomatec.de
cocowok.abacus.co
alethea.care
amithgc.com
anyviaai.com
ng.bantumart.com
bardamri.com
bjornskov-ehmsen.dk
app.bloombud.co
briidge.dev
test-retailer.bringly.nl
bill.buitientuan.com
test-rider.buzztop.io
www.charlotteasencio.com
charlotteirlen.de
www.checkinevent.com.br
checktravis.com
christophschuette.com
www.cloudreports.ru
moneybook.com.hk
mogdownload.worldpos.com.my
next.coolrmsil.com
www.dellajunior.com
demokrat.io
dhartputra.in
cornbot.ehealthafrica.org
espahelsinki.fi
savr.estellepicq.com
game.exhibitionstockholm.se
www.faridrahim.com
fastip.us
flywheel-dispatch-business-test1.us1.fleet-dev.com
garden-king.hu
fiap-dev3.getlychee.link
www.getpowerhour.com
freetrial.grazieapp.com.br
incentivendas.com.br
swdev.invue.live
www.iskial.pl
kandkmlimited.com
www.ki-hub-bayern.org
www.km2025.pl
resume.kouzin.net
laromecolombia.shop
laxxco.com
letstalkcoach.nl
auth-staging.loomino.dev
lumasolana.io
www.mage.pk
zaki.manian.org
misttri.com
www.modern-eye-gallery.com
modlz.app
app.monitorqa.com
admin.motionbro.com
msnunesfaggion.com.br
mspunjabisahityaacademy.com
www.mspunjabisahityaacademy.com
mypipjournal.com
neku.cc
www.niordie.com
premiumapp.novos.gg
omerkahraman.com
onefile.co.nz
www.iaeste.or.jp
otwu.oysho.com
prenota.paiazo.app
www.panaceasas.com
app.pinjammodal.id
queenaurora.piticommerce.com
www.pretz.me
app.promotorapresenca.com.br
www.quicksave.pro
www.readr.online
www.redwayeuropean.co.uk
www.repka.dev
www.saleswolves.io
www.science.dev
www.servicemall24.com
www.shoplink.app
ams-app.skonnect.io
starlinkmongolia.mn
stone.ng
app.subs-manager.com.br
technika.com.br
www.techsauros.com
telzonemobiles.com
www.terrific.live
www.thaisomworldwide.com
www.tnssca.org
admin.tokyomixcurry.com
admin.dev.app.tripp.com
ayzeplastik.ultof.com
www.uniqule.com
uqaabs.co
vase.fi
www.verticalaisummit.com
www.wordsandmagic.com
yescrepes.com
pay.zyffy.com
Other domains in certificate