Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=dapp.saladhr.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 03, 2025
Valid Until
March 03, 2026
85 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C1:CC:24:39:B0:DD:FD:91:C4:00:88:F0:2A:10:09:0D:6D:96:7F:0F:B3:44:64:DA:61:59:94:70:C8:F6:5A:8D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
homeopaticasanrafael.com
firebase.sv.activenote.jp
add.vc
afterdoc.net
ai-swe.com
captions.aihearu.com
alijafri.dev
prd-firebase.amuse-beaute.com
analystak.com
artechvert.ma
mannereclass.auxswot.com
recovery.behaivior.com
www.bigzigprinting.com
birdsoftwarellc.com
www.bishnughimire.com
bleiwrites.com
help.blujedi.com
ywvm.bmgomg.com
boulder.school
brightmedia.cl
calvinwong.me
b2b.ksong.com.tw
proteinfoundry-orders.crispnow.com
admin.croptic.ai
clinic-hq.shelf.doctorbook-cs.jp
dreamtechworld.com
www.drivr.red
account.easytap.co
echojournal.ai
www.eeecccooo.de
endingeverything.com
safiraenergia.enercred.com.br
fashionmejen.com
feedbackrig.com
feelfirsttest.com
client.freestand.in
app.freundundreiter.com
dev-app.froged.com
gestandoenmovimiento.com
auth.staging.goodygood.co
grafk.design
grasshopperdesign.in
refgen.groupe-abed.com
habilidadescognitivas.com
kaigo.haken-mikata.com
hanzigraph.com
www.heavyzone.ca
hossegor-properties.com
hubotik.com
mirain.impactwrap.com
www.indigenouscareer.ca
kioskbistro.infinitifood.com.br
timesheet.influence-it.com
intaxtech.com
mozaikplay-stage-4.ischoolconnect.com
jempass.jemedia.org
junges-theater-oberrieden.ch
www.kathrynaholston.com
kaweapps.com
keevii.com
kotwalcommodity.com
promo.lapsnap.app
www.latifilaat.com
lucas.massena.com.br
links.memrise.com
www.mobileoffize.com
monsteroftheweek.space
invite.mybeb.com
mygoaltrack.com
www.newgenml.com
www.newsprovenanceproject.com
www.onepercentcashback.com
patilsuraj.com
portlandmainetabletennis.com
schools.portodesignbiennale.pt
wellbeing-survey.positivehealingtherapy.com
o2exam.rajdeep-das.com
pricing.resquare.co
roastedbethlehem.com
public.roboflow.ai
dapp.saladhr.com
www.sensoryve.com
old.shopy-iq.net
www.sikatechnologies.com
www.solin.com.co
www.sorayaintercinefilms.com
konnect.sorocabarefrescos.com.br
sssaquadevelopers.com
www.strange.garden
ins.demo1.stx.world
cloud.tapefear.com
trackrapidly.com
www.traficowebcam.com
console.simulads.ultraimpression.jp
admin.undermrkt.com
staging.lobby.uveye.app
baufinanzierung.vb-rb.de
web.vidon.ai
countdownapp.vladimirgutierrez.dev
picante.ymapp.co
Other domains in certificate