Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.babyfairytale.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 04, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
77:85:03:EA:79:00:5C:FC:DA:9F:9D:78:38:A0:12:9E:4C:5A:5C:90:CF:83:78:88:F2:56:52:92:60:CE:FC:1F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.strongertogether.world
beyond-g.app.1on1navi.com
www.24atelie.com
harvest.a-vision.software
www.aaband.org
auth.dev.agently.abeja.io
notifications.airfind.com
www.alljackedup.org
anne-mathieu.be
firebase.appgua.com.mx
www.aromapa.com
ccpwa.atomsvc.com
healingcodes.awakening.systems
azcastudio.com
www.babyfairytale.com
www.bailarinadeprata.com.br
app.bankbuild.com
mentorship.blackmint.io
europol.blinkchain.io
contact.byzocker.de
api.caminandog.com.mx
demo-app.casted.us
desktop.cloudmallstyle.com
classilab.co.kr
external-login.globalit.com.tr
communitycattle.org
www.comunitaas.com
lnk.criptonita.info
projects.ctime.jp
www.dabgeneralcontractor.com
retos.dashport.run
www.databakkers.nl
metrics.datespot.love
dawidr.pl
digasystems.com
dividy.tech
auth.dreamscholars.org
app.ecimgdl.com.mx
extension.ethicsnet.org
eventexpertzz.com
sos.field.li
fiercesixleadership.com
app.firsatbufirsat.com
www.fizjoflow.com
www.foodmasku.io
dados.funcional.com
futureoforthodoxy.com
admin.garzone.store
www.geminidsystems.com
goalsofstrategy.com
functions.gotovo.ru
gptech-ai.com
gunnink.com
codefast.harsimran.xyz
login.huddleuplearning.com
advisor-kpl-stage-3.ischoolconnect.com
app.itrood.com
jaanesen.no
www.jessawoods.com
www.kalamkari.org
www.kikt.ru
bool-dev.da.letsdive.io
www.livebandskaraoke.se
livestreams-voor-theaters.nl
regression2.loadsure.net
warranty.lufi.sg
maikengunnerod.no
app.link.marx.lk
massivesteve.com
www.menstorah.network
www.mutsen.nl
admin.dev.myprism.co.za
netwhere.online
word-penne.neumann.tokyo
noteasy.io
www.nycsecure.org
www.oepworkspace.in
admin.pamelesxi.gr
b.pbla.us
perembisztro.hu
sales.prestoexpress.co.uk
test.projectboek.nl
resorts-world-ui.pulsegroup.tech
room-id.org
turnips.sandysandy.net
www.securius.tech
shopflix.io
shortener.io
auth.sozi.co.jp
events.stmaryswarwick.org.uk
swaluworks.co.za
metroride-static.swiftzer.net
www.sycac.org
www.tab-engineering.co.uk
pppix.trusom.com
www.valitovorchestra.org
demo.vodar.io
www.wellbis.pl
zaremba.lv
www.ziptv.xyz
Other domains in certificate