Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.gentlefi.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 29, 2026
Valid Until
April 29, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DE:52:A5:B8:3B:86:02:7B:31:52:1D:04:B8:5B:F7:07:96:F4:EA:D4:EE:8A:1A:A1:92:BD:14:CC:19:F6:94:41
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
hangman.gamarivera.dev
www.5argon.info
w.abacus.co
papertrail.abumpus.dev
www.addlix.com
alsanadi.com
platform-s.alter-5.com
www.amparosec.com
www.apostoliceritrea.org
link.aprende.com
www.argue.win
www.automotiveinsanity.com
www.bandadenoia.gal
coach.stage.bestathletes.co
bizarreware.co.uk
g.bizreview.ai
ujung.botio.io
bountifarm.com
intranet.box2box.es
bumblebee.io
www.proveedores.casabengala.app
www.centraldelbarbero.com
dev-app.chartlog.com
www.clctr.app
www.cleverchuk.com
www.clinicasabra.com
www.cloudinfra.in
sl.max-stg.co.il
600mwc.cpachecorealestate.com
cycleconnect.com.br
kh2.datateam.one
snakamura.datateam.one
dd.works
ecosystem.life
docs.eighteenpixels.in
planningcards.eveandelse.de
friendsandfamilymarket.com
app.gentlefi.com
finbro.geotat.space
loja.grupovessel.com
highxp.com
www.ibrahim-elouadifi.net
iimbangels.com
bestpractice.immodigi.app
internetspace.co
www.johnnycommits.com
www.joshv.codes
journolabs.com
www.kamieniarstwo-grabow.pl
khaanapeena.app
itsupport.kovanen.me
www.larevolucionvinoteca.pe
logicerrors.com
connect.looker.com
mbanqer.com
mesbro-subsidy.mesbro.in
app.meuamigotemumsitio.com.br
mitwire.com
www.moncano.xyz
monmarzipan.com
moodyapp.de
www.motherbears.com
www.nighttimedriveband.com
borabora.omnicon.co
api.ourlinq.com
admin.ourpetpolicy.com
phaserloading.com
link-dev.picso.ai
www.pollostellos.com.ar
golebiewski.premiumhotel.pl
view.quickreceipts.co
cotiza.renton.pe
www.reuter-natursteine.de
rlmackconsulting.com
apps.ronanfuruta.com
sauravphotography.com
scormhero.com
scribe.tools
shaswatengineering.com
admin.shearcircle.com
www.shinto.dev
smartpredix.com
www.southswan.com
preview.spirepos.com
subhead.com
sunrisesoapindustries.in
www.talk-by-two.com
tellus3whiskey.com
theybesaying.com
tobarrajorge.com
mobile.toysandcolors.com
js.trustdock-ekyc.com
www.tuqire.com
www.turkeyinvestmentproperty.com
manusha.usefuleverything.com
link.vehicle24x7.com
viedemedecin.app
www.vrijraj.xyz
to-do.whomever.dev
xidem-medical.com
Other domains in certificate