Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=reviews.proatek.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 02, 2025
Valid Until
March 02, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AF:B7:7A:00:2F:0C:74:F9:E4:4E:3D:8D:DB:93:C3:F6:ED:3E:81:66:29:B4:BA:6A:88:0E:26:9F:50:5E:35:5E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
google.webuir.com
2015.devfest.gdg.org.ua
720kingsley.com
www.9to5.software
activities-central.com
app.airealtor.com.au
www.allinonefitness.ch
www.amanyadav.net
amarsood.com
aminejait.com
link.babywise.dk
staging.bitjem.com
www.blob.chat
yza.console.bringoz.com
brushly.bullet-mobile.store
api2-dev.capp.fm
confluence.carpages.ca
www.cazafantasma.mx
cennetcookie.ru
chioschettoaltamarea.it
christiantola.me
link.colomali.jp
rrinc.quicke.com.pa
www.brisks.com.sg
covidtrackerpr.com
www.criative.nl
boscom.dango-system.de
www.danielweidensdoerfer.de
moneynest.dl.darkravenapps.com
blog.dcow.de
www.drishyam.org
asistencia.inam.edu.sv
spinfire.elaitch.dev
www.elaularestaurante.es
esmaplus.ru
dev-app.eventui.pl
nlb2ctp.fairchain.org
find-my-friend.app
flood-it.app
fouroaksconsulting.com
demo.getluna.dev
getread.app
firebase.gmspurgo.cloud
www.haagakuppi.fi
haroldulrich.dev
www.hgmultimarcas.com.br
hhdeliv.com
www.howlt.com
huntertran.dev
teplahata.if.ua
d.izipay.pe
a2b.jetpackpony.ru
kevin-jo.be
auth.test-dev.kip-ddb.com
leonardobecerril.dev
www.linkyourfit.com
www.littabook.si
mobiler.uz
customer.moderngolf.ca
monitoro.app
munchybaby.my
mwelldesign.com
bob.neoufitness.com
www.networkutility.app
feedback.nextlevel.cz
nilesh.me
fire.nkynky.com
equipometre.facilit.norsys.fr
www.orinqo.io
www.panda-coders.be
pasticceriamela.it
yexu.pedidomovil.es
ihc.pmprx.app
reviews.proatek.com
propmotive.com
qevka.com
surv-docs.qservus.com
www.relentlo.com
remotoco.com
parceria-stg.reppara.com.br
revooloop.com
app.riccoval.com
apk.richter.tirol
rostasan.com
rowanhockey.com
www.rulenotfound.com
sakiadsmedia.com
salasardyeing.com
muzeu.sci-web.ro
www.seniortalent.cl
www.shine-design.com
www.shreyanshjain.dev
supermodsai.com
tamimabbas.com
iosvideomaker.topmade.app
twocats.app
app.vkrds.com
appdemo.webiers.com
cube.yd-dev.ovh
zeronex.app
Other domains in certificate