Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=trainingshoes.turnosweb.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E0:73:DE:7E:4A:A5:57:AC:F1:7F:42:A3:97:76:C4:CB:63:2D:A2:0C:8C:BA:B5:1E:CA:39:A8:22:9A:66:8E:B8
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.qred.in
bot.10xscale.ai
www.aaronkg.co.uk
application.advanda.app
advprofitcalculator.com
admin.akadevo.com
akaritakada.com
albumatii.com
alexandre-paradis.com
anthonypalicea.com
xira.apxor.com
arenarpa.com
www.b-52.be
baninzi.com
terminal.blocksettle.com
schedulerto.boxknight.com
asismed-app.bymovi.net
app.carto.com
charlesvessey.com
sainiphysios.co.in
dl.balaan.co.kr
cocomanager.com
app.conflict-solver.com
copowered.com
pagos.cordondeplata.com
console.deci-bel.com
devinnox.com
www.dgoossens.nl
mint.dopedudes.xyz
ekeko.dev
elcamino.cloud
elizabethkiselev.com
a.functions.eosn.io
www.ethanbulmer.com
hpu.etraderex.com
www.exposportmedia.live
www.fairyrescueleague.com
tnup.femiglobal.com
share.fitillion.com
agrani-remit-api.flexm.com
www.futoshi.jp
futuresquared.com.au
www.ginshohawaii.com
app.graphitewriter.com
helpnhappy.org
formacion.hub7s.com
huttcartel.com
integrarealtech.com
demo.platform.ishealth.app
hkl-ah.jec-digital.com
jonaspiela.com
site-dock-qa.kaizenplatform.net
store.kasoft.vn
www.keighly.ca
binding-dev.keynexis.com
www.klubsoft.com
v1-tad-prod.da.letsdive.io
madebyjinn.com
www.manlyman.tv
fashion.marmelade.io
mayra.com.co
www.mcastilleja.com
mekasansor.com
microbytestudios.com
owner.minforeningsapp.se
auth.mipayonline.com
www.moekayal.me
www.movingshortly.com
leadcollector.nextlevel.studio
e-learning.nixchallenge.nl
beta.opper.dev
staging.pangea-ai.com
dashboard.photofied.tech
triunfo.photofied.tech
www.poisedgenie.com
dev2.da.cp.porsevej.dk
coba.pslove.dev
bac.rjmgdev.mobi
www.shoothero.us
chat.sisidev.com
slye.dog
www.sunahai.one
www.tailor-code.com.ar
www.the-anomaly-game.com
www.trancega.com
trainingshoes.turnosweb.app
tutaxi.com.co
ultimatebeta.app
www.universallink.page
connect.upoint.mn
valueyourtime.eu
admin.prod.varahealthcare.com
qrkiosk.washere.app
whitesand.biz
tedxathens.yodelit.co
tedxgriffith.yodelit.co
tedxmelbourne.yodelit.co
app.youneedawiki.com
east33.yoyoreact.com.au
zyphus.com
Other domains in certificate