Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=dev.app.fortissimo.education
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 03, 2026
Valid Until
April 03, 2026
80 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D0:3D:00:0F:51:80:2A:2E:4F:2F:D8:11:39:6F:68:FC:40:F7:25:F4:43:E0:42:58:57:F9:4F:BE:D1:B5:D9:02
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
linkamigoo.com
www.linkamigoo.com
www.919app.net
aio-studio.kr
gacha.anyland.jp
arruthracrackers.in
www.arruthracrackers.in
axposoft.com
demo.beyondi.ninja
www.web.bjtworks.com
www.bosdw.com
cartadomicilio.es
clammer.io
seoulcharmkids.co.kr
www.codebex.dev
admin.qdata.com.ng
operator.hidroplus.conny.tech
driveeaseph.com
entropyparty.info
exclusiveconsultingcompliance.com
fleshproxy.com
dev.app.fortissimo.education
www.freightra.com
dev.app.gammanix.com
salonxpress.haitechgroup.com
www.hfmadvogados.com.br
pet.hipposrl.com
innoviqsolution.in
www.jimjonesallstars.com
johnemulators.com
shopcategories.jopit.com.ar
mis3690-final.julianwiley.com
labdemoya.com
lauradeus.com
laurenlevinedesign.com
www.laypyayshop.com
visit.legstart.com
portfolio.lexuanhau.dev
lidiagarrigo.com
www.velocitycontentai.linkpc.net
share.lootahbiofuels.com
lopesgabriel.dev
lovepawshomestay.com
www.lukestancil.com
maderesorts.com
maxclosets.com
matthew.meetshepherd.com
mesan.com.br
minervabiotechgroup.com
mjmaple.com
modernmithai.com
monexier.com
test.mspek.no
myreshn.com
nbzpeiwan.com
nervbox.com
newktap.com
nikimelo.com
nodejsmongodb.com
oipolly.com
pdfwhiteboard.com
prarambhtheatre.com
manager.proveritas.co.za
ralladamente.com
reaganhenke.com
redoks.in
rehmatkhan.com
www.rifatsultana.com
sabusquad.com
sirgea.sagarhpa.com
sanidhya.dev
www.blog.satoshi.uno
app.scandinavianmarkets.com
shamoon.dev
www.shibatable.com
singleuse.io
snookercoaches-dev.com
stelostories.com
signup.stilt-web.com
facility.storagepug.com
taddle-solutions.com
www.technihorn.com
theatlasproject.org
thecourierwale.com
thememorygeek.com
tickbird.com
timzi.in
tuhrn.com
www.unbiasedbreak.com
unicogames.com
urdoer.com
volleynerd.com
wanderrepublik.com
wari.jp
waskosteteineapp.de
app.stage.smartchat.whizdomai.xyz
withfaleh.com
ycfecuador.com
www.yusfulglobal.com
yusfulglobal.com
Other domains in certificate