Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=carolinebanville.ca
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 02, 2025
Valid Until
March 02, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
30:9C:88:E6:A2:3E:D1:00:ED:46:EB:49:8E:4A:92:4D:64:BB:13:FC:17:F4:1A:6C:BE:35:78:4A:3D:C2:98:91
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
familiarao.com.br
kyosointeractive.12traits.com
3sy.dev
admin.actcway.co.uk
hits.game.adiop.com
onboarding.allariamas.com.ar
leads.andreo.co
data.apap.pl
link-dev.astropay.com
us.production.timesheet.avisi-apps.com
bacogroup.bacotech.com
admin.apps.canadiancores.com
app.candor.org
carolinebanville.ca
labspatient.chronometriq.com
cimagps.com
partner.nicole.co.th
www.inclaw.com.ua
account.commerce-design.jp
www.cotonoudirectinter.com
courantapp.com
link.staging.cupla.app
curtislewisflooring.co.uk
bible.dev.daylybread.com
elsa.id
www.ericseng.com
www.everythingissauce.com
etoro.fedmich.com
app.finni.health
www.fkowalski.com
groundworkpayments.com
dev.groz.co
h2oloans.com.au
www.handballapp.io
ianwang.co.uk
secret-santa.idol.io
app.bruno.imb.br
app-vitalii.inefex.com
book-finder.intravaiaezio.co.uk
irmparis14.fr
admin.jamesdonnelly.dev
jwstonehouse.com
jxde.org
www.keimelia.com
kitemiru.jp
chat.klejdikristo.com
www.krrainbolt.com
ltw-prod.da.letsdive.io
prints.limechile.com
intramed.livepanel.co
luecke-galabau.de
www.lukasschimmer.com
epsilon.mari.com
www.mersinhurdapoyraz.com
data.daq.morgansolar.xyz
www.motocarguero.com
checkride.one8right.com
review.test.orangeroofs.co.uk
app.payforme.io
dashboard.tutor.peardeck.com
songbook.penieltabernacle.com
demo.plusscommunities.com
www.pooping.co
portosaurus.com
portraitofatyrant.com
prioryofthebadger.org
profesonia.com
provabok.com
presence.pyrite.one
csa.rayoapp.com
rdcagroventures.com
rentplusown.com
pavan.ridevesta.com
rising-ent.jp
riskomer.com
rkn.farm
app.sews.ai
link.shoppiland.com
shr1.me
uat-erp.advantage.slade360.com
sofan.it
soravis.com
sososecuritycert.com
stakestore.com
app-dev.stoick.io
streamlookout.com
www.switchboardlabs.xyz
admin.teampuli.com
vagrant.thatcherfamily.org
thesweetestsongissilence.com
thomas-kraeuter.de
firebase.time.com
www.totoquiz.com
deeplink.uattc.travelcard.nl
unsheltered.io
admin.upnup.life
varia.codes
www.wordleparty.net
hooks.workast.app
zetaspace.in
Other domains in certificate