Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.climate.ai
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 24, 2025
Valid Until
March 24, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
24:C2:0A:E0:A7:05:1C:DE:6D:93:80:8A:AF:1A:AF:09:35:3A:05:E8:8C:5A:EE:56:B4:4D:8C:DB:63:CE:59:7F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
ponteplus.com
lowes-kitchen-style-quiz-cert-b.3dcloud.io
lowes-kitchen-style-quiz-prod.3dcloud.io
dashboard.agendina.com
www.ajamalkhan.com
www.development.amilkhael.com
mustard.appetiserdev.tech
lojasemanuelle.appshare.com.br
dev1-calendar.arena4b.com
v1.asilacasio.com
www.azekkani.com
www.bharanienterprise.com
bistalink.net
boxie.com.br
bracelit.es
report.taurus.bycopilot.com
caseypei.me
cataria.games
app.climate.ai
darelogic.no
www.decouvertesnumeriques.com
components.dereekb.com
xshr3m569u3jc.easyapp.co
app.euricobergsten.com.br
fimad.dev
news.findka.com
link-staging.flextechdev.com
tiecon2022.framez.sg
gdlfragments.com
demo-vkb.get-ikigai.com
getfigapp.com
pay.sandbox.pg-logical.gr4vy.app
halalstore1.com
honestguidetocooking.com
hugemike.com
www.icom-uae.com
www.ivlivs.dev
dev.jetbook.eu
www.jtc-kaitori.com
a.bo.jug.im
www.kelvinatemiehart.com
beta.labelers.ai
www.lifetrails.ai
www.limhaus.com
albums.llgsupport.nl
loudcurtain.com
www.maptionary.com
matxmate.com
allo-taxi.megataxi.com
app.melete.co
michaelsandor.me
mirroredlights.com
admin.mk-3.com
www.mkchama.com
sandbox.membro.neoseguradora.com.br
word.vault.netlaw.com
ofoghlu.net
dashboardfs.onlystruggles.com
esyp.ieee.org.eg
pedromota.dev
perform-all.com
saints.dl.photoxor.com
porta-nova.ch
redirect.proposal.studio
applite-qa.qservus.com
ficus.replaythat.com
www.rightroutine.com
amz.risqueoffer.com
www.robertfrigerio.com
test-tickets.roobixapp.com
scheresteinpapier.app
shibsamurainft.com
www.shiksha-ed.com
www.simplykooi.co.za
sintra.me
jmg.sitikhadijah.com
skypopcorn.com
sotosoft.es
mobile.spaq.com
www.business.sportshi.io
dev-phonesupport.starkey.com
www.steventhijs.com
studiorilla.com
www.takiyoedu.com
theweedshoppe.thesoftwaredispensary.com
thetataumiami.com
trollhitbox.com
tzbsystem.cz
www.urltoolbox.co
www.us2nigeria.com
app.vidocto.com
dl.webuters.com
www.weeklybudgeting.com
willpark.me
uploader.ru.wow-dev.org
clinicadelnorte.xegmenta.net
yayshop.io
yourtopicwheel.com
app-dev.zoomrpm.com
privacy.zupaloop.com
Other domains in certificate