Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=guenda.xyz
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 09, 2025
Valid Until
March 09, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
22:57:F1:23:40:E0:85:17:A8:20:5B:96:0C:DF:04:DD:40:51:1C:C5:4F:6A:93:5D:A4:94:F3:E8:97:40:86:92
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
codju.com
aiboosted.biz
annasolecka.com
anpulse.com
www.anyareads.xyz
appres.org
staging.link.awarefy.app
www.beatrust.com
blackbeardroyale.com
bossmydata.com
www.brareytv.com
admin.brollyhub.com
dev-talking-talent.bloomberg.cake-lp.com
firebaseapp.carfinance2u.co.nz
charitytoken.bio
www.chengzhi-wang.com
christophermckimmie.com
gemper.dallaenae.com
deancode.com
www.delfspec.com
www.shop.designideas.net
staging.digibooking.at
digilege.no
dozingcatsoftware.com
soporte.duodecimstudio.com.ar
www.dustergroup.com
easyworkbelgium.be
esense-muscle.com
facetherapie.com
familymenuplanner.com
plataforma.fedecuy.org
findness.co
ts.fleet.ph
get.freshreview.co
flibra.gaiax-blockchain.com
gdevsid.com
www.gerlipp.com
germancappuccino.com
ginger3dstudio.com
fitgraph.glovers.page
guenda.xyz
harem.one
harosec.com
www.horizon-z.com
the-videogame-api.intravaiaezio.co.uk
ipscmun.com
letsjusteat.jacobposton.com
www.jane-lee.org
jets24x7.com
aca.karla.ai
keimeasy.com
kingdomautorentals.com
knifecake.com
links.laming.me
lanabassactravel.com
leman.blog
www.louhde.tech
internationalization.mathematikoi.co
ticket.mcom.app
micl.mindinventory.net
insa-challenge.minhnn.fr
geotagger.mistybits.com
www.mitrov.dev
pubenq.mmrstg.com
mobile-dtg.com
juragan-dev.moneyz.id
mukbangshows.com
auth.multiverse.ai
myvo.com.br
www.ndaru.org
www.oleificiosocialegraffignano.it
www.onatsoftware.com
onlinecodingtools.com
sudo.org.za
firebase.pausi.id
www.playne.se
www.project44.app
ptb.kids
rasmus.productions
www.richharrison.dev
rizzorts.com
www.sabor-a-peru.com
santm.com
www.sevanakendram.com
app.silver-smok.com
storier.us
tools.sweetbirdsuites.com
www.techitunes.com
student.techokids.com
deverp.v2.techpre.io
sandbox.textable.app
www.thyroidclinic.com
www.tracking.education
ilmostro.turnosweb.app
powerbrad.turnosweb.app
www.u-drive.app
verbetajezelf.nl
virtutech.in
whatsyourlevel.app
yaashnagupta.com
Other domains in certificate