SSL Verification Bypassed
The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.
Reason:
Hostname Mismatch - certificate is issued for *.ingress-florina.ewp.live, ingress-florina.ewp.live, not for picklecube.software
Open
Cached
·
just now
75/100
SECURITY SCORE
Certificate Information
Subject
CN=badgecred.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 02, 2025
Valid Until
March 02, 2026
80 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DB:AA:BA:2A:C5:D0:A6:ED:6A:FB:66:A0:55:07:AB:B9:1D:72:31:B1:0D:A8:4B:DF:4E:01:0C:A1:E9:05:FD:92
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
picklecubesoftware.co.uk
www.aespinoza.me
www.agntworksllc.com
www.apriculture.ltd
badgecred.com
bankswedding.com
beratung-klotz-brenner.net
vendas-admin.bsibr.com
www.buzzstring.org
cartdiscussion.com
app-03.dev.carto.com
app-06.dev.carto.com
app-08.dev.carto.com
app-15.dev.carto.com
christophermaserang.info
loanco.closelly.com
diwali.festivegreetings.co.in
festivegreetings.co.in
auth.cohubitate.com
www.contoursmusic.com
www.creatornomic.io
tousclientsauchan.dataauchan.fr
www.dataurl.app
authentication.equidia.fr
eventpic.nl
expertanimation.org
auth.express57.com.mx
fitandfantasy.com
www.fitandfantasy.com
g2o.si
www.hbamithkumara.com
customer.test.helppoydin.com
ideli.business
ankauf.imdira.de
demyan-ilona.invito.link
jaggauts.com
app.kabbeeplus.org
kartechnl.com
train.kickedmycat.com
laestacionradio.com.ar
lahirusenadheera.me
legacygrocery.in
log-consult.net
dashboard.luli.app
luxury-smoke.com
matchme.gg
menuday.com
mineyourtime.com
appointment.moons.rocks
link.morfy.app
msighk.com
www.neoncurve.com
dev.nextpic.app
www.oceanmasterpipes.com
lom.kzmkikinda.org.rs
pos.plugpix.com.br
www.plumasense.com
link.staging.pricesmartfoods.com
pumpgram.fun
www.rayyanmridha.com
rediqsba.com
www.relaxgames.app
remotion.pl
app.rheo.info
robertkoech.dev
admin.roger.chat
app.royalimoveis.com.br
www.ryan-zhou.com
www.skwila.ma
smarttvrepair.in
sojurunseries.com
solarleague.org
www.soundsswapp.com
spencer-settlement.com
sridhar.me.uk
sriharivishnu.com
auth.studybuckets.com
app.styledcalendar.com
bodaeduardoymariana.swanmoments.com
syamu.org
www.tanalousaquestoes.com.br
targetedthreats.org
s.teamvalidus.com
www.techmedicsa.com
techtal.io
thebrandonian.com
console-dev.themint.jp
therealoxy.com
thesatsolutions.com
tofof.org
startups.tsf.tech
primalbox.turnosweb.app
uauaapps.xyz
www.upt7209.com
vago.studio
vicpci.com.au
credicard.demo.videolink.app
vivga.in
secure.wevoyce.com
www.wyatthardin.com
Other domains in certificate