Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=dev.glow-ortix.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 26, 2025
Valid Until
February 24, 2026
85 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1B:92:62:99:8D:D3:EC:0F:27:50:13:60:8B:6F:CA:D4:9F:55:57:21:8A:55:72:06:C4:AE:F3:47:9B:EF:3A:23
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.buddyhomeworkout.app
03king.com
cms.adema-personalservice.de
pr.angula.app
areteandathene.com
associacaomaosqueacolhem.com.br
avvocatifontanazzamingrino.com
mturk01.bcause.app
bluutopia.io
brainztech.net
app.brannintern.no
brianltang.com
ohms-law.at.calculatorhub.app
parallel-resistor.at.calculatorhub.app
carescueprev.fr
trackingdeincidencias.cc-irdigital.pe
stay.beta.cityrelay.com
conceptsetting.com
p71-dev.credeo.io
cryptox.kg
www.crystalpops.com
edusustenabil.ro
www.edusustenabil.ro
auth.embetic.com
englabs.io
dev-rosters.everettrowing.com
www.flyby.jp
fntel.app
partner.fooding.io
givegrove.com
dev.glow-ortix.com
gsquareclothing.com
msi.hazling.com
assistance.hotelconciergeapp.com
www.hotpurpleberry.com
link.ifanow.com
ikriyo.com
bees.infinite-y.com
www.interreader.com
jcw.properties
jenniferfordsmith.com
www.jimdgeiser.com
dev-app.jumpdata.co.uk
justinjoseph.me
www.keuxe.com
kiraz.es
app.ko1.space
auth.kotohomes-stage.com
rfs.kriasoft.com
www.laesquinitasabrosa.com
lenimaguwe.at
annuaire.lepoool.tech
m.livekaraoke.net
www.liwafelk.com
login.1815.ch
mailam.m1studio.co
mathtrainer.fun
anims.memeandsticker.com
shop.meprakun.com
miles2go.in
mina-asad.com
finadev-apply.money-phone.com
mosaics.fm
www.my-pet.dev
whenweb.nathanpollock.com
webinar.ispn.org.in
parsill.com
www.homepage-dev.pocketpoints.com
sleep.pokeguide.app
referral.pollyn.app
pqueuer.com
pulsr.app
purflies.com
pustakabunda.com
re-right.org
realtime.nu
coaching.dev.retorio.com
richardson.co
maintenance.staging.safetyinminutes.ca
safinto.com
pdf.scj.io
il8yrr01paqlmwnw4pph.smartimob.io
solariumnft.art
design.sonsupply.com
dls.sparxvr.com
standoutwebdesigner.com
techoptimisation.ca
tnramarozatovo.com
portfolio.vaade.co
spotithing.veert00x.com
vekotek.no
vio-dev.com
admin.vosees.com
vwvan.life
warisvirsede.ca
weeklysnax.com
widget.wejugo.earth
connection.wowtalk.jp
xaan.in
test.yokoy.ai
Other domains in certificate