Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.devprompts.ai
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 02, 2025
Valid Until
March 02, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D9:5A:86:32:2D:30:01:54:82:7C:E9:60:9A:F9:A4:B9:56:C2:1A:9F:62:7B:BF:0D:75:42:37:90:48:81:6C:F2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
srcerrajero.com
sdk-android.abra.ac
agsi.co.za
astroguruai.net
athenpellicci.com
tc.avec.fr
dev.bepos.io
app.birramos.com.ar
portal.blossombodyworks.co.nz
www.blushingowlstudio.com
bollywoodmovies.us
supporter.charitysuite.uk
chizu-puzzle.com
www-staging.chrysalisfinance-ec.co.uk
cleanundfrisch.de
www.nurturewellness.co.in
ctrl22.ru
www.cut.no
develentum.com
www.devprompts.ai
dots.tokyo
tss.uem.edu.in
reset.eharis.com
eizir.fi
www.elegantnaturalhairs.in
epic.llc
www.eregar.com
coviddashboard.eugenectang.com
fortifysystems.io
rsa-ecom-app.frt.vn
getflick.me
goguma.jp
smart-admin.drohobych-rada.gov.ua
evaluation.release.haleoclinic.com
proprietaire.hektar.ca
onboarding-quick.homebox.co.uk
links.hoogly.com
app.idiari.com
www.jonasstjerne.dk
kierratys.info
days.lave.dev
coordicide.lexer.dev
levinson.lshub.net
lubiz.com.mx
sb-m-twa.lvbet.pl
www.magika.se
marketdeals.co.za
www.melty.cafe
event.memries.de
sos.mesbro.in
www.meshmeapp.com
miaosuits.com.au
www.misheel.study
www.mvscorp.in
dice.norapiva.com
apps.nostarworks.com
www.odxpo.com
www.omega.best
orangebrix.com
blanderiet.ordreplan.no
oxushr.xyz
pilestredet29.no
internal.poured.us
quirkybuddy.com
qurbani.ca
auth.rightsize.cc
ronnytalkscrypto.com
dashboard.sahabapp.net
umn-system-campuses.engage.staging.sasaki.com
mapas.sembrandoalianzas.org
sensoryadventures.app
silentbyte.com
survival-401k.solerabank.com
demo.solismachines.com
soundvisualiser.com
r42-web.spandl.ca
app.spesesanitarie.it
dashboard.spotapp.co
app.squadpod.com
www.stand3lone.com
startingpointapps.com
www.stoneleft.com
strivellc.io
urbanito.tcontur.com
teammurosta.com
www.teego.live
tevakku.com
the-hormonicers.de
thecampus.education
map.thinktransportation.net
tomasgoncalves.me
www.tonym.us
link.tradecentre.io
f.truss.io
tuki-taiyou.com
tyrlen.org
app.vapourex.com
krishnagiri.vishnutaxi.com
app.womenssafety.scot
sales.wpdistributor.com
Other domains in certificate