Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=dev-reporting.calibr8digital.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
February 04, 2026
Valid Until
May 05, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F6:FB:08:42:D6:B4:9B:2A:BF:DA:DA:BD:23:6B:DF:59:FC:3C:D2:B4:21:2C:90:ED:6E:BD:6C:35:89:9C:EF:A1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
usk.menuqrate.com
3dwhiteboard.com
acousticators.band
www.alexminzatanu.com
www.aligach.net
covid.anaxee.com
anthonyandkelsey.ca
artists-valley.com
timer.benjaminali.com
www.bertels-beer-pong.de
botif.ai
buzznbee.dev
dev-reporting.calibr8digital.com
www.campfirereads.com
www.chooking.dev
comefollowmeapp.org
horde.daneren.com
www.davemuskett.com
davidplatas.com
www.disimprove.com
doopproducts.com
escribanialeroux.ar
campus.flairboat.com
www.flozom.com
sign.g4ai.com
www.gameyourwords.com
stocks.geslub.com
static.getinsights.io
user.goodbyegambling.com
scoreboard.hamsteryang.com
hasirele.com
holistichealingcounselingcenter.com
giveback.homeologycandles.com
sbp-auth.ibep-prod.com
nguyenthanhnguyen20225214.id.vn
imagineagame.com
institutepage.indivue.in
m.client.jamku.app
dtr.jasonhardin.com
jettois.com
jmcrumex.com
khroliz.com
kitsunecompany.com
survey.koco19muenchen.de
www.konrad-dinges.de
www.laprocure-evry-collectivite.com
tile-stg.lawatlas.org
review.app.leye.com
logisticssolutionforyou.com
links.loofmodnar.com
livetour.louisvuitton.com
fireline.lsattachiris.com
www.m-n-m-wed.com
maganix.com
magicjays.com
maimate.app
makowis.com
mamlapke.dev
marvinalberto.com
app.matrado.ca
blog.moertel.com
moodjournalapp.com
mortimyrrh.com
mumtaz.my.id
b.nanes.org
www.neuronths.com
noblevh.com
osixcustom.com
papeleriamanzanillo.com
www.patwhealy.com
iot.dev.perlstreet.com
l.personal-best.app
praservirmelhor.com.br
www.pugovka.by
ravensfordtailgate.com
refineryartists.com
rhynocare.ca
www.securedev.us
sethhenry.dev
kmt.shakeeb.in
sitnshare.com
www.skeletonscreens.com
edl.skyrenov.fr
slitherylearning.com
staging1.snkrradar.com
www.spiritbearkaratekobudo.ca
sprify.dev
eventhubtrivia.sqwadhq.com
bodafunessotelo.swanmoments.lat
tavoohoh.com
www.taxiooty.com
tevonwallace.com
thetrackboss.com
thomazcapra.com
tivelabs.com
mpi-logbook.tpmap.xyz
twyfels.com
pds.ubsmart.kr
admin.wagmipost.xyz
frida.zpmmoste.net
Other domains in certificate