Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=candidate.forter.dev
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
May 04, 2026
Valid Until
August 02, 2026
82 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BE:13:AE:6D:36:09:63:FE:3E:44:A0:CF:4C:54:CA:DD:6C:DD:0A:D1:55:33:3A:95:B6:A1:46:39:28:52:D6:B7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
plan.devorbit.fun
adrianguichard.dev
www.aevissia.com
app.appmeupet.com.br
portal.atlasiastateuniversity.site
app.avitri.ai
merchant.avitri.ai
www.bendabrasil.com
www.bidniz.co.za
www.biocomunidad-avicola.com.ar
www.birksgeothermal.co.uk
crm.bluearctech.in
nihonseihamap.bpmjapan.co.jp
table.c30.tech
capora.in
auth.chepics.com
codebase.observer
compressdocument.in
conquer.technology
www.consilience.cloud
create.ctech.ai
cytos.dev
daniellillie.work
denuncias.app
departamentosnorte.com.ar
devabhoomirealty.com
digilabs.com.br
eda.ma
empathcare.in
app.empoweredhoops.com.au
epicoutdoor.win
www.everythingearth.earth
farmcred.com.ng
folderizeapp.com
candidate.forter.dev
freshfeed.in
gabrielzerbine.com.br
garten-betrieb.at
gelbanana.com
gestion-aliya.com
globalpointbridge.com
videochat.gonuts.ai
learn.ieco.io
app.iexchange.ai
dashboard.inboxiq.co.zw
app.jahezacademy.com
jiangze.autos
jsvialatte.fr
jswrakennus.fi
sory.kevman.app
leosreclassics.games
family-fun-places.linkdecks.com
liquiox.com
dentalchart.lonetree.vet
apps.playfunthinksmart.madawesome.com
mainfactor.global
marinax.ai
saurabh.mernstackdev.com
evkar.minesweeper.pro
misbarai.com
www.moti.ai
mousse.fr
mysticbanchor.com
myunion.us
nullsploit.in
ora-cafe.com
perlamatta.com
perlamatta.fr
processmods.com
www.qingtiancaiyun.hair
righteouscharity.org
www.riyadhnow.ai
stage.rmkinnovation.com
www.ryo-kobo.jp
sangathub.com
www.sanvin.co.in
ridsid.sardagrp.com
www.stybbers.se
syakilatoptrading.com
apps.tbun.dev
www.thecourtyard.ai
account.travoseal.com
delete.travoseal.com
www.triaxis-labs.com
www.truevalue.app
childrenfirst.trustin.app
acuario.app.uninexus.lat
uniqueline.ae
www.vfmauh.com
www.wainiu.buzz
staging.wayfindersports.com
webhabilog.com
www.whistled.app
www.wushan.rest
ytta.cloud
www.yuhailingwang.lol
yuhailingwang.lol
zathit.com
www.zixianli.lat
zixianli.lat
Other domains in certificate