Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=dev.slowdrive.mauroconte.net
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 04, 2026
56 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6A:88:51:FD:EB:08:35:B0:A2:F9:08:E5:BC:4B:0D:0D:6B:73:B4:93:05:2C:B4:16:58:C2:6A:92:F7:19:0D:53
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
peliscope.com
rws.almeraim.com
aluminiumwindowwarehouses.com
andamp.app
www.appnorge.io
www.appscontrini.it
services.archbend.com
billbuk.com
www.budgito.app
auth.busybee-test.nz
system.capitalheartclinic.com
captexcruisers.com
learn.casemanager.tech
www.chitragupta.co
www.chowreach.com
www.citokain.com
confeitariapraline.com.br
crestituyo.com
cyber.mn
cysero.net
dang.co.nz
neo.delivery-boosting.de
detallitoslasnieves.com
www.distritocaracas.com
crm.dmtsolar.com
www.demo.doc.cr
www.kidsup.edu.vn
supportehruser.ehryourway.com
emicentrum.sk
www.eqindustries.com
funclass.com
staging.app.gamoteca.com
academy.gogokids.my
hadi.com.au
www.healthinspectorrecords.com
www.heisbig.com
app.helloello.com
dev.hi-ya.com
www.ibigdea.com
www.buscabank.icod.com.mx
schools.illumine.app
individual-learning.com
comp2110-2023-c07.jayenashar.org
condor-widget.joinsherpa.io
julienrenaux.fr
knapsacky.com
le-sim.com
live-through.net
lockdownbootcamp.com
marilyns90th.com
dev.slowdrive.mauroconte.net
jafirebase.moboreader.com
mossmoss.life
www.moub.com.br
app.movipay.com.br
my-elg.app
usa-nails-loganville.mybestsalons.com
www.numispace.com
www.ocr-photos.dk
oeaconsultant.com
menu.ohmymenu.com
www.openhourtab.com
panthera-peak.com
pensioenbijvebego.nl
philippinelaw.jp
www.pianolessonsyork.co.uk
www.playtripeaks-online.com
polariskampen.nl
poopeek.com
www.prochazka.app
bmorepsychedelic.psychsems.com
training.pupford.com
rafaolivares.com
retan.si
app.roboflow.ai
www.rovaniemenlentoasema.fi
www.sachinsart.com
live.sascargo.com
shubhambutle.com
smapcrms.com
smartseohosting.net
brand-mixer.snoofa.com
spaceli.io
stubbydigits.com
beta.tacxtraining.com
techheaven.org
admin.timetoliv.fr
www.tobynboudreaux.com
www.travelventura.se
www.ukruhace.cz
manuale.unigastro.it
cornng.vaughanm.xyz
www.viralvideoss.com
app.seufpms.webapiservices.in
breakaway.willowprescott.com
wisoftify.fr
www.workforages.com
dev.yaritori.jp
www.zapimpresso.com.br
zyan.co.nz
Other domains in certificate