Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=sailrace.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 16, 2026
Valid Until
April 16, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2E:F2:A9:8D:C3:E1:E3:C1:A5:DF:29:65:DF:8E:B5:06:77:54:D6:89:7E:AB:9D:E3:0A:BA:BE:49:08:97:A9:F9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
heyweb.dev
a-ztrades.com
www.anatta.dev
ansync.com
link.aslbloom.com
www.assessif.ai
portal.assignmentsolver.in
audiovocab.app
babythesaurus.com
coach.dev.bestathletes.co
login.bingelister.com
www.bizpro.live
auth.blastforces.com
bloomcurio.com
vouchers.blubnana.xyz
links.bobilguiden.no
www.brandasign.com
www.chromebooks-in-deutschland.de
www.cjquickinput.com
clear2close.deals
app.climatesolutions.in
archiverse.co.kr
businesspackage.co.kr
code316.dev
ecotask.com.tr
konsinye.marcar.com.tr
bomf.conexustech.com
davidsoto.page
alpine.denkimushi.com
acct-falcon.developllc.com
payments.dream-more.kr
www.driftbee.com
mitglieder.dwg-eg.de
auth.en-passant.org
go.energizedover40.com
www.eumepego.com
auth.fastscan.biz
scanning.fmbrsvp.com
form.miyagi-npo.gr.jp
www.gymmanagerpro.com.br
hanthanahouse.com
icmgroupe.com
myask.in.th
infini8ai.com
www.infrafsp.com.br
institutehub.ingeniumedu.com
www.jual-bu.com
www.keopromos.com
kingfishercc.co.za
kwcpantherscamps.com
www.lektra.es
planboard.lenting.com
lifeextreme.online
littlerocketship.io
pipe.lobb.in
manageyourtax.co.uk
mindminder.matias-ceau.fr
mortgagegeorge.com
msenterprisespk.com
nearestschool.com
nossacidademelhor.com
nubonext.com
srisaianbukkarangal.org.in
www.pahad.tech
apps.pandolink.com
link.planter.eco
encycle-agent.prossell.jp
pumpkinbites.com
quietwaterscp.com
rentreef.com
reparopiezas.com
repher.me
riskshieldglobal.com
sailrace.app
www.sese.dev
sharwarii.com
pals.smart171.org
smartsystematics.com
socialspaces.studio
scratchers.sqwadhq.com
rocheapps.ssbyte.com
www.subclub.com.au
monocle.theorigin.app
thirdviewtech.com
throne-recruiting.com
www.totalrewardspro.com
townsvilleconcertband.com.au
www.trustmakine.com
tzejian.xyz
totsuka.uechiryu.okinawa
uva.finance
cafe-autor-vil.my.voicezero.site
the-daily-grind-yh5.my.voicezero.site
mobile.waching.store
agent.weccoo.com
beta.agent.weccoo.com
beta.business.weccoo.com
business.weccoo.com
yifan.yang.cloud
youimagetool.com
Other domains in certificate