Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=supervisio.city
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 23, 2025
Valid Until
March 23, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
30:96:5C:62:F9:53:B2:AD:F0:EC:E2:E6:7D:42:D9:85:0F:60:4C:59:7B:55:3A:47:7C:7C:59:31:D8:C8:D8:5A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
hahnauto.sg
mural-embedded.42nd.co
www.alsservicestation.com
www.amande-naturopathe.com
app.staging.archivor.io
area.social
authentication-srilanka.com
packaging.auvietglobal.com
www.benstrobel.de
www.bergsteinssonholding.com
www.bigmoca.nl
studio.bitgroovy.com
docs-stage.blockery.io
crewqlouder.bodevents.nl
candidgoholidays.in
gcp-us-east1-06.dev.app.carto.com
unidoobarrio.clau.io
kibunja.bikers.co.ke
admin.collecto.art
www.containcorpgame.com
www.cypherlaunch.com
www.danielmoori.com
uds.dev-ltl-xpo.com
devintent.dev
www.edukunapps.com
www.eetechsystems.com
eldecoproperty.com
element-e.com.ar
diary.elevatoraction.com
erikbue.com
auth.google.esternetplay.com.br
openapi.dev.evertransit.com
getjenna.com
www.gliderlogbook.de
gwold.digital
eli.lib.immwx.com
inon29.com
www.inurum.com
admin.demo.invoicenxt.com
portal.jdkfoto.com
www.jduchessgt.org
www.encuestaclientes.k-9apps.com
kapasky.me
www.lasthopeguild.com
activador.leonprior.com
www.litchfieldparkchildcare.com
www.locksmiths.sg
www.lorware.com
www.manuel-schmidt.biz
minesexedu.com
www-dev.misivias.com
linkface.net.br
www.neuralmethod.ai
test.ocula.tech
testing.oliveplus.cl
www.omnitechelectronics.com
paparecall.com.br
www.pebbles.eu
www.prescottdatasolutions.com
pretiosacoins.com
qualifast.com
app.repisoimoveis.com
www.roastingapps.com
www.rowdybrands.com
connect-ng-documents.rxoconnectdemo.rxo.com
connect-ng-pending-orders.rxoconnectdemo.rxo.com
www.rzamora.com
samicapital.pe
www.schronk.com
www.seoultango.com
sersoluciones.mx
shlopes.com
skillnite.com
www.admin.skiptoncamerata.com
control-qa.skykit.com
www.snnshn.com
sorteossonorense.com
jacklinksscratchadmin.sqwadhq.com
fitcompanion.stefanowatches.com
artists.stillac.com
supervisio.city
www.sustainabilitytech.com
auth.tamperproof.co
techiepeppers.com
app.tepintasks.com
app.thegoodgoalapp.com
auth.trackoneai.com
trustmailservice.com
www.v-medtw.com
demo.web.venttu.com
prep.coatro.viana.ai
beta.vision-transform.com
link.vocabulary-miner.com
sp.volksbolsa.com.br
www.wesasoft.com
wilda-industrial.com
marshall.demo.wylas-timing.com
admin.yasmineducation.com
updates.yourvone.com
zachrobers.com
Other domains in certificate