Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app-06.dev.carto.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 28, 2026
Valid Until
April 28, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B7:6E:BC:7D:AC:D2:32:42:70:B5:5A:5F:8B:24:96:A5:12:5F:5F:45:D3:B6:F2:53:15:EC:CF:42:48:C6:3A:73
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
fitlefit.com
www.agntworksllc.com
www.alexandrerelvas.com.br
alphatech.com.pe
www.ameliawasowski.com
angus-clark.co.uk
adm.aonderole.com
conference.apereo.org
studioinfo.artisticyoga.com
firmacct.bacotech.com
www.boompoll.com
staging.bradcarson.ca
www.calabash.city
app-03.dev.carto.com
app-06.dev.carto.com
app-08.dev.carto.com
loanco.closelly.com
www.cmriabilita.it
www.easytaxfiling.co.in
auth.cohubitate.com
www.contoursmusic.com
roxberry-ordering.crispnow.com
share-trivialis.cubel-apps.es
tousclientsauchan.dataauchan.fr
drinkethdiary.divyanshiverma.com
www.donneargent.fr
tour.easygolf.net
app.ecosaras.in
dashboard.ecosaras.in
fantao.org
fitandfantasy.com
www.fitandfantasy.com
app.fosterway.com
docs.fyne.ai
client.getsway.com
goldrushcomputing.com
tickets.goruckit.com
groceryfix.co.za
grupoelhoc.com
guillenyasociados.com
www.guitarlessonsnewcastle.com
customer.test.helppoydin.com
cv.heyyou.it
www.homebrewfactory.ca
industrialelastomers.net
dev-api-crest-conecta.inteligenciamkt.com.mx
ismconnect.us
tripplanner.iterate.no
jaggauts.com
geocities.jeremyhubble.com
guestbook.jodiesfund.org
app.joinsocialcard.com
jacks.justinduross.com
checkout.intg.keap.page
keraquetzalli.com
laestacionradio.com.ar
www.limoinsanjose.com
luxury-smoke.com
app.m-t.io
menuday.com
www.mevron.com
mineyourtime.com
link.mmakce.cz
www.mmorpg.zone
moofyadmin.online
moonapu.com
msighk.com
www.neoncurve.com
www.oceanmasterpipes.com
auth.onbrand.link
vc.coza.org.ng
www.pagossanignacio.com.mx
www.paillardes.app
crm.panafricangroup.com
www.plumasense.com
dash.pointapp.org
www.rayyanmridha.com
rediqsba.com
robertkoech.dev
robloxdesignschool.com
admin.roger.chat
www.ryan-zhou.com
www.sallay.info
www.setano.com
sila.live
sojurunseries.com
www.solidsolutionscbt.com
www.soundsswapp.com
spencer-settlement.com
sriharivishnu.com
auth.studybuckets.com
app.styledcalendar.com
www.teampump.io
thearmchairepidemiologist.info
public.ladder.upickleball.net
www.upt7209.com
vdas.in
www.vestergaardkramer.dk
vorzeitigzurpruefung.de
alpha-web-push.yieldify-dev.com
Other domains in certificate