Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.buildtracker.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 24, 2025
Valid Until
December 23, 2025
41 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
96:12:AA:F0:95:9A:FA:CB:7B:7B:97:D5:EE:2A:8F:79:B0:05:D6:C5:CE:65:B1:76:B8:DC:2A:18:93:69:4F:A2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
portfolio.devsancabo.com
freedom.5f.app
9-ix.com
web.airgift.app
service.alko-garden.com
andreabernasconigiardini.ch
www.andreabernasconigiardini.ch
appsmob.com
zone.assignmentsage.com
awright.me
beatbarrow.com
benjamin-morelle.fr
benralphphd.com
bespokeconsulting.co
www.boundingboxcreative.com
braun.app
www.buildtracker.io
builtfamily.com
cartman.dev
chevenansante.com
web-playground.cimma.dev
classcheckpoint.ca
closedcaptionai.com
ronakcorporation.co.in
codeplots.com
www.gunespharmaphyto.com.tr
www.dedop.org
dashboard.beta.self.dinii.jp
divyanshiballoondecorations.com
test.dpgpuzzels.nl
easce.se
edhallmark.com
egidion.com
staging.patient.ekonsultaclinic.ph
elemantistechsolutions.io
eliudsamwel.dev
pharmacies.essentialclinic.ca
www.fahadmomin.com
fotowings.com
painelregistro.g2canal.com.br
www.gaassau.com
gpuminute.com
www.gsvrisk.info
www.harajuku.wtf
www.hitest.ca
www.humancloud.xyz
ironbility.com
jagadeeschouhdary.com
jinxvb.com
deep-link.justsimple.finance
app.kadmik.in
kakaonline.vn
play.khunmook.com
nfpcsdemo.kineticexpression.com
leiseletric.com
lizhuli.de
lygom.com
lynns.me
bodegadideco.mappu.cl
www.matchmagik.com
maxhagglund.com
tutorial.meander.media
www.meetingtime.app
memstate.io
dev.minicule.com
www.miturl.com
moderateimage.com
dancehub.mshguru.com
viewcor.netradar.com
parelmoer.be
auth.pedidorapido.app
plainsea.com
pncl.cc
www.proto.software
qurankarim.app
www.ratesrecaps.com
www.reiche.dev
app.roble.eco
www.ruhland-kallenborn.de
universitymanager.schifflers.be
seanfinnan.com
senselabs.ai
garage.sofar-bg.com
sorobanquiz.com
en.stenograf.io
stephenwomack.com
studios-web.com
sudameriaviajes.com
tool.talkwithguru.com
www.taylorpiccarreto.com
tekotattoo.com
theismengineering.com
tripbuddys.in
ethraffle.udayvmenon.dev
auth.thrive.uk.com
upyourarcade.com
www.vigory.app
staging.walk-for-alpha1.com
www.smarthome.wasdlabs.com
wyrddata.ai
Other domains in certificate