Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=befriendok.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 05, 2025
Valid Until
February 03, 2026
64 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9A:19:7F:4C:08:70:99:7C:B2:D6:03:AC:4F:EE:60:91:16:B0:5C:CC:3C:DD:78:C8:3A:78:CD:C7:74:87:B0:28
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
staging-admin.kegtracker.co.za
222.soon.it
www.a2bworldwide.com
integration.agrinorm.ai
akademiasamouka.pl
www.akhilbellam.dev
akvareldance.pro
alkebufin.nl
alliesaidyes.com
www.almaths.lk
admin.altosalentorealestate.com
www.arbitexia.com
super.beetel.xyz
befriendok.com
www.bluecoppertech.ai
www.cantinacargiaghe.it
ceylonalproducts.com
www.christmascalendar.org
www.clout.no
attendance.svifi.co.in
blancstudios.co.in
sales.isamu.co.tz
mersin33taksi.com.tr
comidasaudavel.app
www.cs-spaceports.net
danielgaskins.com
chat.davidsepulveda.xyz
admin.davsafaris.com
dillonhoa.com
www.drrahulraghavapuram.com
dulcitech.com.br
www.easynarrative.com
edwing-dev.com
pombocorreio.nanolima.eti.br
expedition-labs.com
expertseries.com
pf.fastriver.dev
www.fototecstudio.com
bos.furikuri.net
auth.goaudience.com
admin.goglobe.io
test.gourmetchefmanila.com
hughbaird.graduategowning.co.uk
healthycalc.com
helloiamjoy.com
it2phong16587.id.vn
namdapha.iitmbs.org
indecon.do
ibtc.kiki.finance
www.kosharindia.com
lamb.cafe
likeahe.ro
kb.logicwind.com
mahinibrahim.com
makemysystem.com
meetryde.com
api.metaforgeapps.com
pdca.miidas.com.br
www.mister-tee.eu
www.mister-tee.info
www.mixme.ai
monstergram.io
patient-us-dev.mybenefits.ai
www.mykitchenkart.com
system.oorbital.tech
mp.rafilis.org.tr
rafilis.org.tr
origamiconcierge.jp
parcelbee.in
pavelnunez.dev
phillymultiservices.com
sl.piersonmoran.com
hotel.ng.plasito.com
pomockocanima.rs
ci.portfolioview.co.za
app.proofpal.com.au
proptyverse.com
www.quitodev.com.ar
ready2disco.com
rhute.com
healthcare.scanalyticsinc.com
www.achimota.shsreport.com
app.slaydom.com
www.smithcopperpipeclassaction.com
snelx.com
midiet.stepinsight.com.au
www.studoos.com
authenticate.subashreepublishers.com
tvatta-staging.superoperator.com
syncscrm.com.br
tokyo2020.mocks.synesthesia.dev
api-design.taliferro.com
www.taxiwalas.com
thecutedosa.com
syscap.trinitas.mx
vejainfo.com
vincevahala.com
admin.visithabibi.com
2b-stage.xdteam.io
yarkalyan.store
Other domains in certificate