Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.itepsi.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 29, 2025
Valid Until
January 27, 2026
74 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
88:B6:25:82:0A:BD:BF:66:30:7A:B5:56:78:94:94:05:58:98:4C:40:EA:B1:63:12:AD:93:DC:3A:C9:27:B6:51
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.commandercodex.com
cms-cert.3dcloud.io
office.77app.com.br
abetivedigital.com
aips.cc
redir.allknit.org
anheto.com
www.applock.app
www.artbymente.com
artgillespie.com
www.artpublic.io
www.ayushkamat.dev
azashi.dev
bellamassablm.com.br
dev.bipod.fit
business.birdsdelivery.com
bizmanagement.in
www.blixify.co
liveorder.botio.io
chrisbp.com
prontopizza.clau.io
aeic.co.kr
app.coalpot.app
gdg.com.bo
deliglobe.com.uy
sonsuanhagiare.com.vn
sesion-diciembre.congresoamtip.com
www.davidmendoza.org
deliverysales.net
www.ditiem.games
duna.games
trans.e-onlineservice.com
elisabethfalkemo.se
ella-guesthouse-srilanka.com
api.ention.eu
exajot.com
www.extradimension.games
www.facts.fyi
financialfun.org
www.fitquest.fr
formito.com
freelancetw.online
neo-staging.fringe.nl
germanhood.com
guiders.pt
app.healthcode.org
rbs-staff-app.heathmans.net
journal.homegreenery.in
house.com.br
invitesfor.in
www.itepsi.com
www.jasoncct.dev
www.jpsrobotics2554.org
www.jvelaz.com
app.test.liven.com.au
share.lmk.chat
www.longterm.guru
www.luxrestorations.com
magnificent.events
www.mandeepdhillon.in
covidkerala.mayamd.ai
homecare.medeintegra.app
jpprojetos.milidata.app
intranet.mimyk.com
ulink.naz.edu
pic-tonybeton.mentor.neccton.com
dev.nopwd.io
www.ntsebeprojects.co.za
www.ozelharekatiz.biz
pdaware.dev
www.phyzzy.net
app.powertechsystem.fr
premiumconsult.net
portaal.produvar.nl
k.quesmatic.com
rakyll.org
caixabreak.renatocardoso.dev
rizka-adhitya.online
www.seemychain.com
www.soh-souen.com
gol.soklan.com
links.soupilar.com.br
verifywithprove.sparkwallet.io
www.sprachpilot.at
stonedgetech.com
internal.studio60.net
sutri.fun
rds.terrapirata.com
www.thatsfax.com
karaoke.touhou-search.com
treelc.com.au
troubleshooterclub.in
volym.dk
delivery.waiwaitei.com
walcoll.com
auth.whitemap-staging.link
staging.wpformsliteconnect.com
www.yogadrishtii.com.au
zachariahreese.com
app.zingoconnect.com
Other domains in certificate