Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=floppytherobot.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
53 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F2:0F:6B:75:7F:77:2A:AC:55:B6:92:EF:87:E4:B1:D1:24:5A:44:0F:A2:87:CD:74:5A:40:72:B9:70:A6:4E:16
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
mayelelabs.com
1.mycoursehub.de
prism-web.preprod.1stbet.com
www.3dhandscasting.com
inbox-test.42puzzles.com
www.accentricfreight.com
auth.builder.amoda.id
anyonecanfundraise.com
lab.arinapin.ai
studio.arthaus.cloud
artm.dk
atarenites.com
audyssee.fr
augustbailey.com
l.bitgym.com
bloque.pe
rinconvenezolano.clau.io
share.communityclubapp.com
order.compass-group.no
looker.compthree.com
learn.con-cube.com
craduate.com
craftboxes.cl
www.csshtmltools.com
decorumapp.com
coronaria.kurssit.diarium.fi
tirupathur.dropstaxi.in
tiruvannamalai.dropstaxi.in
viluppuram.dropstaxi.in
perambalur.eacabs.com
books.eduardoreche.com.br
dons.test.eglise-boissiere.fr
mta-sts.ejy.cl
emotionally.app
auth.ems24.co
erp-lagubandhu.finshakti.in
floppytherobot.com
auth.focs.ai
chapeco.g2canal.com.br
www.gamerpro.kz
aialabvisual.genielab.co
gerasinergia.com.br
pos.goldtek.vn
goodmeals.health
cracklifeintheuk.grodok.com
infoair.grouplinkone.com
legacy.habitify.club
app.holadoc.app
core.answer.hrmonitor.com
judge.iltawards.ie
www.inna-markina.com
management.jackdarcy.co.uk
mc.jaminiostudios.com
www.js-projects.com
sl.kodemuse.dev
stagingmylogin.lmserp.com
www.logbook.com.co
www.losadoptadores.com
www.mangoupload.com
www.mariourban.dev
cloud.mercadomovil.mx
www.mevcube.com
mountplan.fi
my-workout.app
ncmss.org
neighboredllcapp.com
www.orionintegrada.com.br
app.ospuncpba.com.ar
www.pdr.app
app.photobug.social
postmortem.com.mx
www.praxis-dr-amro.de
www.rgn.ar
rootsapp.in
app.sah-sh.ch
chess.sberbom.com
www.securitymaze.io
www.shotqr.com
hibido.sixbytes.io
www.smilecat.dev
www.sneakerlist.co
partners.solution-production.eu
adminsite.ssscrackerssivakasi.in
admin-334d7.studio.design
alemana.syntropysystem.com
www.sec-test.tcat.app
solar.telar.dev
theclub.ninja
admin-react-beta.themediaant.com
timbermind.co
testsamu.tooware.net
l.toywala.co
trait.fi
api.trasportourgente.com
ultralopp.se
ecosystem.vilano.org
c.wemall-dev.com
cryptopay.wink.by
www.yeahunter.hu
www.yugosensei.com.br
Other domains in certificate