Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=edra.rcinvita.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 07, 2025
Valid Until
March 07, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C6:D8:B3:0F:A2:5A:A4:A9:D1:2A:BF:93:9E:52:73:FB:EA:48:07:8D:3B:F3:C4:0A:96:E3:93:8A:A2:5E:10:0E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.mdisanto.me
analytics.preprod.2050score.com
joybird-scene-config-test.3dcloud.io
naveopro.emergencylighting.abb.com
fb.albatrossaccess.com
www.amritjeet.com
apexpad.app
www.ardrossanstorage.com
www.asesoresjtcasociados.com
us.test.gfc.avisi-apps.com
live.capecodchurch.com
staging.dashboard.cityhelden.com
wmsg.withwho.co.kr
tykes.devpass.co.uk
sib5.dicoding.com
www.dogstalker.com
efreela.app
finansap.com
www.firemenu.app
demo.first-reader.jp
my.fx-id.de
grademonitor.com
food-app.hashmicro.com
risaleoku.hatimdagit.com
hersenwerkpropsy.cz
app.highticketexpert.com
pay.hoddle.app
www.idealsst.com.br
www.indiatribaltour.com
desk.dev.inkryptus.com
foodcourt.isthara.com
www.ithasbeen.xyz
www.jessyouellette.com
linkdevelop.jinovel.com
johnwalkermoosbrugger.com
test.kagitoyna.com
kangaroocareindia.com
troxlerslog.katalysatorduravermeer.nl
kanserien-asl.kenartmedia.com
kindbio.com
app.koshka.se
www.krispynet.com
www.lendoe.co
universidadveana-performance.lernit.app
lineprophet.com
www.lisalt.dev
dashboard.logexa.com
cms.luckytradeca.com
kaizen-c-admin.m1studio.co
www.martensoftware.com
medicle.fun
melopartyapp.com
mhjentry.com
balcao.midiamarketingtecno.com.br
mutefly.com
opinie.informacion.my.id
app.nakeddatingapp.com
www.nikkeviewer.com
vue-ponyracer.ninja-squad.com
docs.staging.noyoconnect.com
www.ohirudayo.com
www.opuluxe.it
login.parentslove.in
www.perfecttablettools.com
pharmresfoundation.in
piratesdroid.com
www.polexitpartia.pl
www.querreveld.nl
app.qvin.com
www.rancholabota.com
edra.rcinvita.com
yolofund.reecewalter.com
hortolandia.regularizada.com.br
auth.revtrance.com
rospilot.com
www.salussms.com
samesquire.com
securycom.com
link-dev.setoko-test.com
simplinsur.app
sixencuestapulso.com
invitacionhonduras.swanmoments.com
swiftboard.io
www.tallyflex.com
tasktodo.net
app.staging.terramatic.ai
www.testable95.site
assessments.ticktalkto.com
transify.io
tricera.com.br
troelsmunk.com
www.twoscoretwo.com
useuptownfresh.com
vinfraspec.com
dev.volkaapp.com
volkaapp.com
wlgraph.com
wooday.jp
yoavarden.com
inousign.zapsign.com.br
Other domains in certificate