Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=record.retorio.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 30, 2025
Valid Until
March 30, 2026
76 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B7:30:20:AA:16:5F:84:D1:BE:9D:0F:9C:53:61:90:85:0C:63:0E:37:BC:B3:A3:EB:F7:3B:10:3E:57:85:50:D1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
students.openxs.org
4wheels24.co.uk
care.aldridge.app
reto.alosuite.es
apmabogados.com.ar
astrologyai.in
avdic.at
www.bateyholdings.com
refer.bharatcash.com
binghatti-hw.com
bluex.bet
meet.boarda.io
www.boilerplate-html.com
vetspire-extension.bondvet.com
bonnytools.com
staging.app.bussi.ee
staging.bussi.ee
www.caimi.cl
caregivers.care4giver.com
auth.centa.org
choosta.de
www.personalitytest.co.kr
coding-pal.com
santogusto.corntech.com.mx
warehouse.cosekeservices.com
dacap.asia
datasolutions.rw
dekadaprintworks.com
admin.dentbabil.com
developingadventures.com
a.diri.dk
api.easypool.in
robotposter.emotionlessrobot.art
www.ethanbdunne.com
pointbuddy.financialtravelbuddy.com
www.fltechnicallift.com
share.fonoface.com
evrak.forawatersports.com
forja.cc
guitar-frequencies.com
gulfcvmaker.site
www.hand-tools-market.com
www.imenyu.co.za
gif.inertia360.dev
inscouts.com
web.iotcloud.es
irep1.com
chevxeron-advisors-stage-4.ischoolconnect.com
ispendapp.com
www.janluis.com
jennifergb.com
www.jtancon.com.br
la.kspay.id
card.letshare.app
www.limonatibev.com
maazuniform.com
malurbalambikatemple.com
mariagutoi.com
dev.medi-setu.in
moetikeenjasaan.nl
mouve.in
mowerdoc.com
nadam.org
new-nightlife.jp
nondemics.com
onesheet.dev
www.onesheet.dev
osrstodo.com
peakroyale.com
www.peakroyale.com
preeority.com
www.q8tn.io
www.qlabstech.io
quicktool.tech
record.retorio.com
amarniwas.sachinkhetarpal.com
sarahtibbettsholistichealth.com
business.shetue.com
silencesuzuka.click
auth.standshelf.com
straightlineapps.xyz
logistics.stylecarousel.com
sunglab.com
serve.tapforcare.com
taskkernel.in
www.ondernemers.toegangsbon.nl
share.toothpickapp.com
order.townandcountrypizza.com.au
trythisnow.space
www.union-ratings.com
app.unionoficiales.org
register.untied.io
valetoken.com
www.velique.ca
m.walpoleoutdoors.com
wattorbit.in
webazonic.com
wedlyapp.com.mx
openpps.yodelit.co
www.zenomax.in
Other domains in certificate