Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=randivoo.ma
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 29, 2025
Valid Until
December 28, 2025
32 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
57:E1:8B:DD:A4:72:0A:E4:87:D2:FB:02:9F:D5:DA:AA:F4:07:D1:D1:1C:3A:35:AA:76:98:56:16:12:52:56:89
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
notes.roland-strasser.com
link-staging.24baby.app
dev.linkafrica.28east.co.za
stocklist.abrahamzakharov.com
www.aerocafeteros.com
albertsaglik.com
amouraconsol.com.au
www.armchairepidemiologist.info
as211776.net
askillaway.com
audio-falcon.com
www.bijouxartigianali.com
www.biochestcloud.com
ast.birliktegucluyuz.org
bmo.chat
www.bryngwynridingcentre.co.uk
www.bytesong.in
www.chancecalculators.com
cg.app.chen.dev
chik.dev
link.ciandx.com
codewithkenan.com
ortech.com.gt
mikemike.com.sv
actinno.com.tw
vitaello.com.ua
www.sfedorenko.com.ua
www.consultant-cleeven.com
support.daataar.in
www.kalender.daskropka.de
divein.divedeepstudios.com
www.dsebafsuccor.com
fight.reviews
demo.finditly.com
f.friendness.it
www.furry.my
fvr.me
www.g5g.org
chouseisan-opgen.ggtk.app
giteta.com
staging.gps3ms.com
link.hawsinc.com
herohtar.com
memory.iyom.app
firebase.janpohlmann.de
icelandair-widget-sandbox.joinsherpa.io
leadmango.in
vr.staging.lettucegrow.com
lingoperfect.ca
admin-staging2.linkroom.com
meet-rc.liveswitch.io
note.margni.com
www.meadowcounselling.co.uk
www.mediacontacta.at
outreach.naviguard.co.za
neighborfunds.com
chabahil.nepaldrivinglicense.site
chitwan.nepaldrivinglicense.site
www.nurbolsakenov.com
okocam.app
www.opatry.net
www.panamericano.app
www.pawelkarkocki.com
beta.penguinclicker.com
plazariococa.com
pollerbear.net
admin.prenlu.com
www.privatetechservices.com
qa-login.producttube.com
www.puja.eu
purplechat.fun
www.quickcells.co
randivoo.ma
raushan.dev
rme.app
www.robomagi.com
links.seranking.com
www.sieuthihangcongnghe.com
sintoniapetveterinaria.com.br
issue-app.smartgroups.io
snipbits.app
sobremercado.com.br
statement-gateway.com
platform.strongwallet.co
json-schema-editor.tangramjs.com
teario.com
pwa-staging.tech-scheduler.com
thatbyte.com
www.torrenceb.com
transactions.app
preview.trayn.com
auth.google.tvalerrplay.com.br
www.ume.dev
healthcheck.vdt.app
dispatch.vtoms.com
www.yakkunde.de
www.yero.academy
www.yuvivian.com
zhome.zakubuilds.com
www.zandkoop.nl
Other domains in certificate