Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=cbofc.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 16, 2025
Valid Until
March 16, 2026
81 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
85:DF:7F:41:F7:E2:60:59:7A:FA:94:58:C4:E2:DE:1B:48:C4:61:5B:BA:08:EC:5F:56:D9:AC:80:5C:92:5D:8D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
gdgistanbul.com
www.5u.hk
honghock-admin.acuizen.com
line.aestemaworld.com
albertodente.it
east-west.app.staging.alpinemedia.com
shawnee.get.staging.alpinemedia.com
anatoliyruss.com
www.anclement.com
apexbodytuningmassage.com
quizapp.aronteh.com
avancod.com
www.avancod.com
app.preview.axleaccess.com
stage.tv.barhelper.app
grancanariabeaches.baulen.com
bhaktibook.com
link.boards.com
caitchison.com
cbofc.com
christianlimas.com
www.cisneiros.com
stay.cityrelay.com
vice.ciucky.com
www.clicemprendedor.com
auth.cluekeeper.com
www.cnkamsterdam.com
gan-yochi.co.il
bhroadwaysltd.co.tz
colgatecamps.com
www.colworx.com
computerenhance.com
ossmideast.corejsc.com
cracosky.com
cure-remedies.com
datamachine.works
deerdenradio.com
consumer-frontend.staging.konstanz.delcom.nl
yeti-test-domain.demeter.builders
app.dietspace.fr
duomessenger.com
www.ecounselingconnection.com
www.elevate-sg.com
www.erod.dev
www.evilscoby.com
www.evolvingtraxs.com
web.fellesverktoy.no
www.fleetdispatch.io
frerichs.fr
recaps.geovelo.app
link.d.getcoco.com
beta-util.gincoapis.com
gobubble-dev.internal.gobubble.app
admin.golivgroup.com
dev.gordanita.com
auth.handle.com
hectorcho.com
auth.idoitjustforfun.com
integer.cl
segi.internspoon.com
ipiring.com
miamia.jau.co.jp
jpdup.com
software.kaciyor.com
www.ksafi.com
quizpoker.lets.stream
marketdirecto.co
coffeeshop.melissaran.com
www.mentarimedia.com
www.metariba.io
www.mindfields-platform.nl
www.mudigal.com
myteal.ca
app.neverland.finance
nexgen-creatives.com
app.niman.com.br
www.occiplast.co
www.omvedahome.ch
app.onepod.ai
opsteelpan.com
oyatsukai.com
fcpouat.qloud.capital
redcapital.com.au
www.revate.io
rohansatram.com
sabrana-secanja-kocana.com
auth-dev.semana.io
quiz.sgschoolwork.sg
www.shondavid.com
spuza-milord.com
www.sqab.org
stbenedictknights.ca
sydneyswedding.com.au
www.thedsignstudio.com
www.thethaothehevang.vn
tppholdings.com.au
admin.trinodex.co
demara.trinodex.co
cdc.espace-accedant.upbycellance.com
whosu.co
Other domains in certificate