Open
Cached
·
1m ago
77/100
SECURITY SCORE
Certificate Information
Subject
CN=eldoradoprinting.easysignage.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 29, 2025
Valid Until
January 27, 2026
72 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F0:28:24:0A:AA:4A:5A:2F:8C:1A:DA:7D:D6:F6:92:39:25:AB:40:9F:44:80:98:6D:23:6D:40:09:17:74:76:CF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
lafloraison.store
registration.accountancyawards.ie
acepmon.com
colheita.beerme.com.br
www.bexysabe.com
blazesoft.gr
blogteq.com
app.bodyfix.io
chembioai.org
link.club.fans
www.cnmdesign.au
www.nbsecurelife.co.in
app.code-id.co.ke
codecodeweb.com
epilog.com.hr
link.zalora.com.my
www.euprice.com.ua
dadachishala.org
www.dakimaru.com
webview.deeple.ai
dilebon.be
eldoradoprinting.easysignage.app
elouaar-surveillance.com
singhaonline.eventpop.me
link.fieldmargin.com
resgatar.flowpodcast.com
series.frpz.fr
futuresimple.club
app.geografiademercado.com
gpi-code.org
graviteum.io
www.greaterdevelopmentgroup.com
staging.hi.fi
www.hoivaorvokki.fi
hypotenuse.io
ifpcl.org
inoglobal.co
invoicer.me
www.jobspri.com
staging-status.kenlo.com.br
kds-stg.klover.app
www.laso.finance
lempi.net
ksgyf-dexter.longbay.se
cope.lookatmyparty.com
margin.tools
mastersofmaterium.com
links-dev.memberspot.de
misaelkelviny.com.br
www.mulberryclinicspringhill.com
escode.my.id
www.myphammoclan.vn
www.mysimhub.com
app.nebulate.ai
gym.ninjacows.net
go.nmarket.pro
blog.norangeb.it
dashboard.oniworkout.app
onlycloudfans.com
imso.openesrilanka.org
operative.com.br
options-watcher.com
pathwayspa.org
cpanel.pomezia-assicurazioni.com
www.prosiltums.com
lmt.qreams.com
api.radiotoolkit.com
www.revizeostravsko.cz
app.riddly.io
www.rielpharma.com
safemanor.org
getapp.savvyworker.com
scpasarl.com
www.se-ngo.com
dev.selfcity.fr
www.siete11spa.com
sitestoreweb.com
skazy.nc
www.sourceon.io
starbuddy.it
decamp.stl.dev
tanga.app
ds.technoserve.net
termfinanceshop.com
monis.thediners.in
www.themeadowsresidents.co.uk
www.themoken.com
admin.thewhatsonwhere.com
thiagobapti.me
transport-labor.com
www.trapmaster.co.nz
adbook.tross.se
tsocrew.txs.hu
office2-staging.typex.kr
admin.dev.verasana.com
stg.vicuatui.com
vrablik.eu
admin.whitecrustng.org
www.20220511.com
yline.app
Other domains in certificate