Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=rosanna.zechat.do
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 22, 2025
Valid Until
January 20, 2026
48 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B1:EF:78:D3:57:DA:5F:92:9A:F6:89:33:0A:73:67:62:76:C0:F8:79:38:DC:0D:F3:38:F3:EF:B8:07:06:7F:34
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-uyrtyn8vL0Q09svPfviRxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
r.framr.tv
stg.my.academap.com
demo.actionbook.ai
aidcservicenatal.com.br
alexeyshmalko.com
dvsa.appliedinnovationexchange.com
www.arqui1.com.br
axomrefurbisher.com
www.barjar.app
www.battlebuddy.gg
contact.belshil.me
www.bingfolio.com
school-payments.childpilot.com
sietegranos.clau.io
reviews.clientchatlive.com
staging-login.clubhubs.com
mhv.cmedhealth.com
giftpump.co.kr
daydal.app
defacelabs.xyz
degensewer.xyz
degreesofchance.co
www.delightful-store.com
netflix.deshpande.page
donidiota.com
melive.dotinfo.tech
efilesecure.com
docs.electriqua.com
www.fembelling.com.au
topup-wallet.flexm.com
www.floodteamms.com
followfreak.com
careers.freenome.com
freshcc.ca
getgrow.cc
gitaiot.com
giveslow.com
www.gofinance.in
grantbroadwater.com
hamzak.cloud
hapifaceph.com
www.heartworktherapy.ca
integracefetrj.com
dollhouse.istaging.com
kaanyagci.com
www.kmzview.com
house.knatic.tech
knrtech.in
kshahash.com
littleeinsteins.school
dev.api.lokalebon.nl
btc.lycka.cz
conf.marmita.digital
marmitariatotutuus.com.br
mazrnow.com
link.memor-i.com
meuassessortech.com.br
link.moaja.id
nazarioglobal.com
www.neosunshinewellness.com
nitindhawan.com
nkofestival.ru
www.numerics.net
links.observatory.academy
olafandreas.no
orbestrategy.com
www.oreedo.co
originstrainers.com
www.partybison.com
www.pebblelist.com
pf2e-equipment.com
queenstreetsurgery.co.za
removeannoyingads.com
app.revolus.com.br
rpinvestments.ca
rxgrad.com
rynamic.co
safesuitesmissioncontrols.com
sajangautam.com
savagechen.com
www.seenacht.ch
djq.sequinmusic.com
hondaruggedroads.set.live
app.slausonrobotics.top
www.snapdine.online
www.starterplus.net
sudokupdfmaker.com
suzannemcgoey.com
www.techlyverse.com
theaihive.xyz
www.thethoughtcare.com
www.thon-carservice.de
app.toihr.com
go.trentee.net
admin.tumble.to
turron.dog
www.vastavya.com
venusdentalknr.in
wiingaard.xyz
rosanna.zechat.do
Other domains in certificate