Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=dev-admin.pharm2market.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 15, 2025
Valid Until
February 13, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BC:98:74:D7:BB:09:8A:41:2C:7D:FA:FA:0C:7A:41:C2:52:A8:38:5D:D8:02:A7:22:29:39:88:A5:E9:CB:4D:B6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
sso.easyfastai.com
aayushbhutani.com
acceatrading.com
app.acuhire.in
adducive.com
adorpro19.com
albayrakburak.com
althia.com.mx
windswell.ansync.com
applicentric.ng
client-uat.appskoko.com
www.autofit.io
www.badbeans.dev
callblocker.badiale.dev
buggasoftware.com
buildaclassinitiative.org
bungeefinder.com
businessbuckets.com
www.cambrera.com
carlliepmann.com
chaimnazeer.com
www.chalimerocreations.com
edservices.com.do
atlantmetall.com.ua
wadafact.comazon.dev
covsta.com
craftaclash.app
singingcoach.creedom.app
data-medix.com
dropmytaxi.com
earling.io
www.edveloper.dev
embajadoras.mx
emerycoxe.com
app.enthusist.com
kosovo-elections.exploredata.app
faststartwork.co.uk
app.fluxmanager.com
formatoriitaliani.com
fynegames.com
www.goaugiecamps.com
gpsverdict.in
app.guustav.com
haochenwang.com
rentals.haynet.horse
www.hazu.io
dev.arcs.hello10.com
idealmatch.app
www.inarimusic.com
app.inuko.finance
www.inuko.finance
vibeil.it.com
jemmsolutions.com
adventure.jeremyrabaino.com
carreira.jobecam.com
kenoshaurgicare.com
blog.kestreltools.com
adrol.keynexis.com
www.kingofludo.com
auth.kontentik.com
app.kubeverse.xyz
www.latamcapitaladvisors.com
cloud.leadautopilot.com
estimate.linky.app
maitredejeux.ca
mayabay.mapleworkspace.com
va.mari.com
mastercarva.io
auth.mauju.com
v3.mlink.no
nighter.jp
www.nodetrax.com
ntag424api.com
pelicn.com
dev-admin.pharm2market.app
phoebeapp.com
pixlzen.com
www.pizzassistant.app
poriairport.fi
quizandbrainteaser.com
connect.reach-dev.me
photo-gallery.renzramos.com
safk.app
sail-ev.app
www.sanatmente.com.co
mviii.searchall.site
shotbyfrank.com
uchealth2scramble.sqwadhq.com
www.stancilventures.com
merchant.strideq.com
ina-dev.studiossolution.com
sviluppiamo.app
tiagobarreiros.pt
app.trkx.com
unicard.cloud
www.unicard.cloud
www.vishnuavanthsa.com
admin.wellcome.biz
whalemeup.com
xpressshopltd.com
Other domains in certificate