Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=dentalcaresrilanka.lk
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 31, 2025
Valid Until
January 29, 2026
57 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4A:A1:75:B3:F4:7B:66:66:96:DD:9A:7E:D3:C2:51:5C:89:DB:AC:BE:1F:2B:DA:49:13:D5:A4:70:2E:6E:45:3F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
fieldbuster.app
digifull.cms-test.2na8.com
oab-ms.acesso.center
antigasoftware.com
aquariusbeauty.co.uk
ian.battersby.io
dash.baxpay.com
www.bhsuathleticcamps.com
app.biztap.io
boglarka-kozmetika.hu
report.lexi.bycopilot.com
exams.cbtportal.com
dev.tbn.co.th
pjhouse.co.th
vertixol.com.cy
kolor-plus.com.pl
contentmedia.xyz
damiankoniuszy.eu
daneslatten.com
datavis.sg
dentalcaresrilanka.lk
www.devwarex.com
www.doneliva.com
learn.edaffix.com
tic-tac-toe-1912.edsoncamargo.dev
dev.eezeverify.com
eezeverify.com
admin.egnctrl.se
enjoytravelhn.com
expertgpts.com
ezamindar.com
festee.app
app.fillerupemployment.com
docs.fingenom.com
link.flavrs-staging.com
13cabs-business-test1.fleet-dev.com
flipget.app
flytechlab.com
www.gabrielsotelo.com
gerenciaescola.com.br
www.getcheq.com
globalmetrix.cl
gonzalohonorato.cl
www.greenenergycorp.net
grigrip.com
www.hardfanaticz.com
www.hashedtokens.com
hatter.hk
hkbbqperth.com.au
hoycek.com
test.hrvmagic.com
www.jack-saunders.co.uk
jardinhaciendadelasflores.com
app.kargodroplogistics.com
khamm33.com
liveupdate.kn-app.com
kostelgrad-projekt.hr
auth.stg.minga.io
admin.myfastpcba.com
beta.myhelm.io
www.mypetvetonline.ca
dldev2.nanco.io
www.naparoma.it
www.neko-jinja.com
networker.app
paynehut.com
petmatepets.com
www.podgaiskaya.com
pokerfunding.com
gregjarvis.portfoliolink.co.za
promethyx.com
www.psychoterapiapsychoanalityczna.eu
dogs.reedit.au
www.romain-fertillet.fr
russmiddleton.com
connect-ng-fom.rxoconnectdemo.rxo.com
www.serentio.com
nhathang.shipxanh.com
onboarding-dev.simplewealth.ch
link.skillagora.com
smarter-vitality.com
www.soluciontecnologica.ec
spellerbees.com
sripayplus.com
www.staige.ch
stage-console.stalliontech.io
stylojs.com
licensing.supernovamining.com
about.sysmori.com
www.tck-santa-anita-week.com
docs.terminalchecker.com
tom-dev.the-talent-accelerator.com
theharvardadvocate.com
screen.tradingview.to
app.tryeraser.com
ttc-westhoek.be
txyshannon.com
editor.xordering.com
www.yommar.com
yordsly.com
Other domains in certificate