Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=perceptiontoolkit.dev
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 23, 2025
Valid Until
December 22, 2025
37 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
83:56:38:8E:D5:0A:CC:B4:6E:52:08:AF:FB:94:13:CE:88:0D:2D:DB:24:00:4D:A1:CD:1B:0F:E6:B3:A9:2A:B6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
tornhult.se
app.1stcutoutings.com
flx-productconfig.3dcloud.io
multiply2d.99dojos.com
www.adconsultinghh.com
africannonismandpeomocracy.com
yolo-staging.animax.eco
calendar.anjafritschi.ch
aramed.info
www.arcarga.com.co
basbus.app
www.bergenforukraina.org
menus.dev.bevwerk.com
console.bigadvice.com
bikeaholic.app
brewbuzzcoffee.com
ilosur.buscontrol.app
www.changkgold.com
alpha-sungsimdang.apps.flyground.co.kr
development.coinsmebol.com
www.confcar.com
console.demo.connectsx.com
mapper.coronachile.com
test.croptic.ai
darklabsubscription.com
www.deepakswain.com
devangles.com
demo.dragondevs.net
e1.gg
easydelphi.net
egolf.ai
energiadireta.com
app-voluntario-modules.enricomisasi.com.br
www.estamoscerca.uy
dashboard.eztrackr.app
staging.fairmus.com
dtech.figgoapp.com
login.test.fingertips.in
f.forfav.com
dev.tooling.futster.io
soycliente-miperfil.gnp.com.mx
www.hardwickcider.com
admin.ibaby-bh.com
jedbrennen.me
www.katiescarlettdesigns.co.uk
golang.kkoehler.com
lajanm.com
staging.logisticssolutionforyou.com
hamburgueriadanice.lupi.delivery
lutreeco.com
marve.app
webprescriber.medicbd.com
fund-raiser.memberwizard.com.au
merabtene.me
hochzeit.mertes-lieu.de
metaverse-biz.site
manage.dev.mitemma.de
mithealth.app
mkrinvisiblegrill.services
app.mksh.cx
ncov19update.com
www.netsev.dev
mmgh.newneek.co
crypto.newshacker.io
app.nosotrosguatemala.com
login.onpay1.com
www.optimoney.app
www.oufit.app
oyoy.eu
www.pack312miami.org
www.padel4play.com
perceptiontoolkit.dev
go.ping-go.com
pitman.be
www.pixellogicapps.com
dfds.planeringstavlan.se
stg.pentagon-japan.re2fe.com
www.remotemonster.com
www.rumbledev.com
sandbox.admin.satsy.com
shhhfest.eus
vtc16.simpliroute.com
avuybn76vd5g9zbw7nsr.smartimob.io
www.soficloud.com
notes.sophiasharif.com
little-kitchen.studiossolution.com
tanadium.com
tecnoaircoldcr.com
face.thai.run
thechiliwey.com
platform-toast.thelevel.ai
admin.tucar.app
tylercutler.com
auth.stg.unthread.io
timereport.urbanhome.app
www.vaagaiwelfarefoundation.org
vergihesaplayici.com
vsclientstartup.viewspark.org
www.yj-europe.com
live.yorga.fr
Other domains in certificate