Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=demo.trellisconnect.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
52:74:B8:63:02:FD:A9:6B:3C:19:99:8B:16:B3:EF:1A:50:69:3D:CA:FF:E3:BE:45:B9:F3:EA:B4:5C:70:96:3A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
oiltrails.ca
inhalte.additive-apps.eu
www.adominguez.dev
alexandrehenrique.com.br
vmc.amicaldo.de
anujandemily.com
ap-chip.com
appda.in
chatgbtuat.appskoko.com
www.arc-land.com
assignmentplanner.app
awaretips.com
barredsd.com
bigcreekbarkery.com
www.blackpepperswing.fi
boardcrusher.net
boruatinhthuc.com
halls.bytekast.io
mcskinshop.chililisoup.dev
equality.citolab.nl
collegedick.com
www.dipendragurung.com.np
creatorflow.io
d-tech.lv
www.derin-yilmaz.com
dianasea.com
didichat.app
www.dishes-app.com
doctorlib.com.br
documator.app
doifrati.ro
dronotech.com
edactiv.com
auth.admin.energyworx.net
ensinoai.com
entregali.com
eugeneelitedodgeball.org
evirtualinvestments.com
felicette.app
coupon.fingerate.world
flr.fndrsng.com
bi-analytics.garageplug.com
www.genericcropsciences.in
gregoireimber.com
account.homenetmentoronto.com
ipx.finance
istitutorenard.it
www.jakesmd.com
jirettai.com
www.keigo.io
www.kyons.vn
stage.app.livekid.pl
mahler.ink
maximerochedy.com
www.meridianblockchainminers.com
minimenu.app
mixedbyjo.com
www.modularmusic.net
www.espaceclient.montri.fr
www.mymym.com
myoneai.app
auth.mytio.ch
staging.mywnetwork.com
biran-pattern.neko-cheese.app
www.nftknox.net
nonstoprecords.lv
chat.omnince.com
stapf.onceaccounting.com
community.dev.ophelia.com
www.paces.run
dev.clientes.petroil.dev
pizzeriacasablanca.com
pizzutoli.com
driver.dev.pltfrm.jp
www.professormarcelo.com
www.protectukrainiandefenders.org
www.psychopneumologie.at
www.puzz.site
qafcom.com
rarefishmarket.art
www.rcshak.com
turf.rebounce.in
www.rikikun.com
www.seychellestennisassociation.sc
shikshawelfare.com
docs.sippy.cloud
app.countdate.sk5s.cyou
vera.gerenciazap.smartmidiasdigitais.com.br
somaterapivet.com
taitconsulting.de
www.thefortacademy.com
personal-tomato.thinkopen.it
app.tilosazai.org
kdm.time-lapse-systems.co.uk
demo.trellisconnect.com
vidimycity.com
wzvsn.app
qmo.xerve.online
canvas.yorkvision.co.uk
zertthecreative.com
Other domains in certificate