Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=www.prettybrains.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
April 01, 2026
Valid Until
June 30, 2026
49 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A4:8C:99:2E:4E:E8:0E:29:17:D0:41:CB:F3:A9:F4:6E:A4:10:D2:26:F1:70:85:C7:54:FD:4D:51:02:EE:D6:6F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
guardifyx.com
1ludo.in
staging-physio.activlife.my
app.albademo.com
www.algometatech.com
dosa.ardent-training.com
test.arixautomation.com
app.asistmedic.com
www.automatizatrading.com
www.bau-s.at
roomdesigner.bdfhybris.com
budget.benthayer.com
api.bungomail.com
www.caringangelseducation.com
charmingbeauty.eu
auth.chestmusic.com
app.classpract.com
share.colplan.net
transport.convoy.sg
pro6.corsecontrol.com
www.cortijolamarquesa.com
crystabyte.co.uk
www.dasmobile.online
glow.decodedetroit.com
dehkhoda.de
www.dietwhisperer.com
console.digitalgrub.com
bingo.docchula.com
dozy.co.in
q1-myaddressbook.dpdlocal.co.uk
webfg.ehryourway.com
lims-stage.fastcurveservices.com
father.beer
cwenerji.filokar.com
www.finditly.com
sintpaulusvijfseweg.flockim.com
www.floursakk.com
my-dev.foodsi.pl
app.fortalecerh.com
foxprologistics.com
frutaturas.com
gaborzay.com
www.gatfinger.com
gaume.org
geogunner.com
hawkshaw.ca
hearourvoices.io
apps-classic.heartfulness.org
www.ianos.cloud
separaciones-admon.idei.com.mx
ignitia-labs.com
ikuzaki.jp
www.ingenieriaysolucionesciviles.co
dev-api.iqid.com
isitstillafreecountry.com
ivanmendoza.dev
jgarvidsson.dev
pepino.jmkt.digital
blog.k2a.in
stage.levigata.com
lisbermontdesign.pro
register.loka.build
metatechit.com
minjulekalender.dk
equitybank-apply-staging.money-phone.com
muskett.co.uk
myadidasgolf.ca
vadba.olympic.si
omni12labs.com
paperpalate.com
pos-api-stage.paydoo.com
itryflutter.practicehabits.net
www.prettybrains.com
stories.ranajahanzaib.com
rcloud.dev
realmetalprice.com
usileventos.rebus.com.co
sbenfocus.com
schirwindt.com
selkiecove.com
shannoneng.com
dev.shipshap.com
control-beta.skykit.com
stayatfriends.house
swingjeans.it
sylasboniek.com
taluto.com
dev.abcadmin.the8th-floor.com
videoplayer.touch-less.dev
auth.ubbik.fr
cms-dev.unaeon.com
cms.unaeon.com
vivetmarket.com
voistar.jp
www.wheelofnames.page
www.yakudoh.com
yoyevoo.com
0p3n3.zayit.io
www.ziggu.app
zygohealth.com
Other domains in certificate