Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=dev.wordesk.ai
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 12, 2025
Valid Until
January 10, 2026
56 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D9:5B:DC:46:29:BE:28:74:86:AB:BC:0E:96:A3:D5:DC:A9:5A:22:0A:06:B1:F3:A3:6B:C1:FA:1C:50:2A:21:87
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
choiz.io
1200secondsllc.com
pagelinks.atheer.qa
baileybutlersbigblockchainbusiness.com.au
api.boel.co.jp
static-dev.capp.fm
qa.clicknhire.co.za
gps.trackwheels.co.in
joose.com.pl
www.coquins-game.com
cr8software.net
www.crexis.org
web-qa.drops.me
skapa.ekokammaren.se
www.ericxia.me
notes-dev.fieldmargin.com
asdeowqvvc.forts.jp
jarasolis.com
kortadatum.se
kpws.jp
ksnowdon.com
dev.medstaff.care
www.nap.li
app.staging.napandup.com
notesfromaleppo.today
obiwo.com
prestigepromaintenance.com
primarycareofnevadallc.net
www.qhora.com.br
www.ramysakr.com
reelive.app
rondavel.app
www.sandblock.io
gitbattle.sasank.me
www.sitiorefugiodospassaros.com.br
www.swarmloyalty.com
go.techlanda.com
verify.uat.thegymcube.com
theitgrad.co.za
www.thesilverlighthouse.com
pokedex.tralmor.com
dashboard.tripnotepros.com
funnelgraph-builder.true-metrics.com
app.ttfittlab.com
www.turdballs.com
dashboard.tutornex.com
dispatch.ualocal170.com
comburd.umadevsoft.com
www.urgepro.com
www.usebltn.com
admin-stage.utnas-iw.com
form.utoc.ca
www.uvntea.com
vatsalyainvest.com
vatsalyainvest.in
changemida.vazapay.com
www.veeyeselectronics.com
www.venaliciumb2b.com
www.ventureka.com
www.vernacool.com
app.verscan.com
dev-system.verscan.com
www.vertexpackagings.com
portal.vetted-cyber-talent.com
partners.vhslab.com
app.viajescargasycamiones.com
fstatic.vibescout.com
admin.victory-garage.com
www.victory-garage.com
www.videtorrium.com
www.videur.com
www.villanovakleve.com
www.vilrokx.com
www.virginielgb.com
vision83.com
app-coocique.vitechd.com
buddy.vitspot.com
vkesports.com
help.voixtek.com
www.votenpa.com
voteolaughlin.com
votepilipinas.com
www.voyagermesh.com
vsslbase.vssl.com
vstoursja.com
vurgunhandcuff.com
www.vurgunhandcuff.com
w-eclat.com
www.w-eclat.com
wadehrarshpreet.com
verify.walterpicks.com
waterproofingbirmingham.com
weaponmastery.com
webbrickssg.com
www.webbrickssg.com
webdac.com
welcometo1984.com
whollacsek.com
dev.wordesk.ai
zerosum.cloud
Other domains in certificate