Open
Cached
·
just now
91/100
SECURITY SCORE
Certificate Information
Subject
CN=dev.flowcharts.thrive.uk.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 28, 2025
Valid Until
February 26, 2026
59 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5A:AD:F7:85:5D:37:13:CC:4C:75:6B:09:FB:A4:53:69:9B:6B:5C:DD:C6:6C:E3:DE:5A:E8:53:EC:19:C6:F7:A5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Basic
default-src; script-src; style-src; +7 more
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.gstatic.com https://www.googleapis.com https://apis.google.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https://api.openai.com https://firestore.googleapis.com https://identitytoolkit.googleapis.com https://securetoken.googleapis.com https://us-central1-lovingwills-app.cloudfunctions.net; frame-src 'self' https://www.google.com; object-src 'none'; base-uri 'self'; form-action 'self';
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
camera=(), microphone=(), geolocation=()
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
lovingwills.org
accurantgroup.com
tools.aeqium.com
agbofantasyleague.com
mlops.ai-hub.cloud
www.aileharitasi.com
alameda4everyone.com
alan-delangel.com
almullakuwait.com
blog.alpersevindik.com
testing.amlprotektor.com
www.anamvr.com
andrewzeus.com
auth.appointmentscanner.com
arman-karimi.com
armoredframe.com
www.associacaoamadeh.com
ayotechsolution.com
battlesofhumanity.com
blockchainomega.com
www.boglebot.com
bookteria.com
malafolla.bracelit.es
www.bugmeacoffee.com
calisthenics.co.uk
client.cargoo.ua
carlaefabio.com
app.cge.as
www.chapterme.co
conorbyron.com
courseova.in
cyberbossgames.com
calories.d3a12.com
cs.dev-team.club
demoloja.digisoul.app
ecoderce.com
www.elitepolysol.com
www.elwynn.network
staging.enigmasoftworks.co
docs.esvj.eu
eunoia.care
fanzclub.co
fatcatstats.com
www.flux.chat
jdl.game084.com
app-staging.getcino.com
glintui.com
goatorthroat.com
grassrootsgov.org
plomer-plomeria.grupoxalka.com
halfacup.app
www.hicreche.com
idesporte.com
ismailbaser.com
ivypractice.com
floridafullstack.jsx.software
jsx.software
www.lightboxglobal.com
loverdiary.com
lythouse.co
ohui-apis.m1studio.co
covidscreening.mayamd.ai
link.memeenvy.com
bildir.mersinhaber.com
www.mows.at
myshout.co
nasserissa.com
newhorizon.asia
noltisprime.com
www.ntakwa.com
doctor.nuuphealth.com
ojasamirai.com
ooo.engineering
ozin-olive-oil.com
parallelbaseball.com
www.playr.cloud
app.stage.owner.pocketpost.life
www.pow.bike
ia.prevonco.com.br
www.producto.cc
auth.promptslayer.com
protosimulator.com
apprisa.realapps.co
reallysimpletools.com
recovery.social
remedians.com
staging-sbgn.remedians.com
www.remedians.com
datastorm.rotaract.social
sarikayasahin.com
www.shooterhouseoftruestories.com
www.shoppingdeals.in
staging.app.splytpay.com
report.su.vision
subhambarman.in
app-homolog.supervalemg.com.br
swordorsheathe.com
terrachemicalsco.com
dev.flowcharts.thrive.uk.com
whiteflames.in
Other domains in certificate