Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.dimarofolgarida.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 23, 2025
Valid Until
March 23, 2026
71 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F8:23:40:39:F2:4C:2D:F7:C4:40:86:EC:1E:86:A1:B4:D3:9F:D1:C1:7A:A9:E8:43:0F:0C:51:16:5D:48:FC:8F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
creativesminds.com
auth.ahorraenergia.tech
staging-env-app.amazing.dev
antikus.lt
apocha.info
www.appbucket.dev
archangelofeuropa.xyz
link.athlo.app
admin.avazsa.com
bitswot.com
demo.bondigital.io
ecliptica.broccolirecords.com
c4f.wtf
peddle.caarya.work
www.carloscastillo.online
www.casalohr.com
www.chalupaalbrechtice.cz
www.chinggiskhaan.net
its.danashaluxury.com
dandelion.rip
consumer-frontend.staging.hasselt.delcom.nl
dieselprice.co.za
www.dimarofolgarida.app
www.drmariannegeraci.com
electronic.blue
test.enkelsms.no
exp.eyinitiatives.com
fanwear.art
fewo-krugzell.de
www.fonstack.dev
www.football-card-manager.com
fosteringculture.com
loansubmissions.future.loans
m.gaigai.com
galaxylabs.net
paymentgateway.ganosoftware.com
gdtm.in
www.graoo.fr
cse.gw2-strm-sds.com
hex.trade
links.hivebuzzer.com
hm-moosbauer.de
support.hydroindustries.dev
iamferpa.dev
app.jeeb.li
free-site-fees.landing.johnfowlerholidays.com
prereg.kaishing.hk
karrbs.com
klassekartgenerator.no
client-stage.kleenwayservices.com
www.kmgtechsolutions.com
www.laurenpitruzzello.com
lerichefort.com
www.locusstore.com
loveandnonsensebakery.com
www.meplusindia.com
mosharif.xyz
moviehive.in
murcianys.com
app.nexsnap.app
www.nojoelombardo.com
www.test-website.octo-gaming.com
www.omega-analytics.com
www.oyatokoshindan.com
p-m.live
auth.patentexpress.com
links.pawtocol.com
dev.pintsandpinball.com
www.presenting.xyz
prijsduiker.nl
propertysolutions.app
purrcoin.org
puzzle.reecewalter.com
www.respectesc.com
connect-ng-carrier-loadboard.rxoconnectdev.rxo.com
www.saferschoolsolutions.com
portsmouth.scouthub.app
www.searchera.io
www.seattletolls.com
link.sheercustom.com
develop.smartenforcementsystem.com
www.stocksports85.com
www.stscie.com
www.tensorbrick.com
thedially.com
unitconverter.thefreetoolchest.com
tem.thepresence360.com
www.unishoper.com
new.usefashion.com
uselessdog.dev
blueink.vidyagiri.com
previous.vishwaloka.com
applebtcworld.walletpayment.net
wavetext.com
firebase.wealthawk.com
admin.wildwoodmfg.com
workwithdaas.com
yatoca.es
www.youtube-pro.com
www.academy.zeroone-ai.jp
Other domains in certificate