Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=msa.prodeo-live.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 26, 2025
Valid Until
December 25, 2025
40 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8E:34:5F:88:70:A2:D8:0C:11:BF:1B:2A:69:B7:AB:75:47:C9:3D:4E:4C:C6:CA:90:72:A2:C7:F3:F6:ED:18:7E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
thebeewhisperer.com
aathisoft.com
spider.alpha.africa
amirmrkonjic.com
mustardseed-nursery.andrewcarey.dev
ankitamagdani.com
www.aroundom.com
bdcalc.com
link.bistro.sk
designer.bitgroovy.com
blog.5164.at
www.book-bind.com
www.live.budg.ee
www.bugragezer.com
cameronaschmidt.com
tracking.catatonic.be
zeicloud.dostesting.co.ke
cybrr.net
link.dalping.com
divine.online
dodovideochat.com
www.dr-rashmee.com
drivv.in
www.egolf.ai
englaf.com
engrish.fail
festivoscolombia.co
app.fifthventricle.in
luciano.forest-idc.com
www.fractalmakers.com
gestmamma.it
masks.grannyfab.com
loyaltyapp.groceryoutlet.com
hakkidongel.be
hometeam.com.br
decider.ibjects.com
igossip.buzz
jichao.li
jkithome.com
karumura.com
kotakpasir.id
www.kotlinquiz.com
unnatec.lapieza.io
lbrooke.com
play-staging.lisnclips.app
lnk.staging.listopad.app
www.livestreamvoortheaters.nl
www.luizmoura.me
manzarhaq.com
massagespaandsalons.org
meowtheinfinite.com
www.metaboat.com
mikegoodman.io
idfirebase.moboreader.net
mail.rifzki.my.id
dev.mylivox.com
capture.development.nationwidegroup.org
sandboxapi.neutronpay.com
speedlab.nt-me.link
opiniondata.com
www.orinoqo.nl
hug-counter.owenhay.es
peacefuladvocacy.org
phhome.in
staging-btnproperti.pinhome.dev
api.planless.com
portoaquitemsus.com.br
premieroficial.fun
k2.prodeo-live.com
msa.prodeo-live.com
pushpendra.in
mobile-dev.quincus.com
network-tester.redacted.ai
www.regionconectada.com
insight.rutemartajansone.com
www.ryanevans.co
dev-console.saapi.co
spacebook.salahanwer.com
www.scenes.app
app.dev.sipgate.com
speedbussemiconductors.com
sssolutions.pk
rfrd.strollhere.com
demo.sui-dapp-starter.dev
auth.tabify.dev
tbint.one
teamlounge.app
theokoel.com
thislink.works
apptest.tjing.com
www.toddlerflashcards.com
link.trendio.dev
turagui.com
psai.tv-insight.com
crm-preview.una-community.com
urbancasa.com.au
whitepixelsolutions.com
www.ylpplumbing.com
ylvaclasson.se
pokedex.zzxxccvv.com
Other domains in certificate