Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.pranaheart.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 03, 2025
Valid Until
March 03, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
31:D2:2D:19:80:FD:7A:28:79:57:0B:FE:6B:AA:DA:94:04:29:F4:71:71:E6:3B:7C:36:C1:F4:DC:37:DD:BA:17
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
idverde.com.br
a2zbuddy.ca
www.abigailjean.art
www.aftonomo.com
admin.aijourney.so
www.web.alaxsa.com
allergymap-report.allergymapdx.com
www.amalsatheesh.com
beta-app.apponfly.com
my.augxel.com
fluminense.bepass.com.br
www.billingsarea.com
console.billmybank.com
bindiweb.com
www.bluck.nyc
app.bodyguideapp.com
burakustuner.com
app.casting-asia.com
www.cervezatrescruces.com
projects.classfunc.com
www.clienttrackyr.ca
kayamut.ynet.co.il
cocheragratis.com
code-mountain.org
staging.everyonesnft.theclub.com.hk
core-cuttingdubai.com
www.crashalerter.com
www.curipha.net
cursosdesarrolloweb.com
debtdestroyerapp.com
deepadmd.com
www.delf.com.br
drodriguez.com
archive.e-eclectic.com
rs.e-ray.eu
app.eddcaller.com
exploreshackle.app
federacy.org
admin.feemagie.com
foodiespointbhopal.com
freegivenow.com
genepeer.com
genicwave.com
gpsmaps.app
www.harshvieindustriespvtltd.in
igreja.icalvinus.app
imbianchinoarezzo.it
imc9dejulio.com.ar
coronatestplanner.intellicare.nl
resumensaregrupobachoco.inter.mx
justforjava.com
postenboek.katalysatorduravermeer.nl
kidwiseapp.com
laports.cat
www.livingstonwishlist.com
beta.lunarworks.co.uk
www.matt-mart.in
www.mattzaso.com
ad-test.mediaonetv.in
metapalsclub.com
start2.mojarib.io
money5.net
moochieball.com
beta.naala.app
macollecte.neurowaste.com
nissi.church
www.one-sec.app
www.ozarkapps.com
votaciones.plibchile.cl
pokedexapp.net
app.pranaheart.com
api.puddy.club
pusztahaz.hu
rebecca-mastrostefano.it
www.rockdiving.bg
romantique.jp
samajikmudde.com
sayido.love
console.scenestop.dev
thrivex.sinou.io
www.sizably.io
smartkiln.net
somosori.com
marketing.tap.bio
user.tatapmis.com
teachmenotes.com
fb.thesimpleclub.de
www.tibas.media
example.tick3t.xyz
trax.gg
www.triphuntapp.com
app.uvsamidwest.org
www.vardhandefences.in
dc-lite.vas.com
verso-it.de
www.vrivi.com
www.wear24rom.com
core.wunderkind.co
yahsaves.net
www.zentility.com
Other domains in certificate