Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=howtoinnovate.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
May 03, 2026
Valid Until
August 01, 2026
62 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A8:B6:6B:95:7D:1B:93:B3:95:E5:4F:65:62:1F:D6:63:A2:6E:CF:F7:B2:D3:C7:D8:79:A6:46:A2:90:F8:B0:60
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.varnawalks.com
aiflota.ro
ajnastudios.net
alisbarbershop.co.uk
www.andrebenevides.com
arc.ventures
www.argusbykos.com
www.becomeanestateplanner.co.uk
beerandwingsgaming.com
berdoungdee.com
referidos-auth.dev.bia.app
bornexus.com
brclub.in
www.brclub.in
cakgun.com
canella.co.uk
celorizon.com
www.curacode.org
app-dev.curipod.com
definetelyhuman.com
www.degendata.com
contact.digitup.studio
diprolimap.cl
diqy.my.id
app.doctrev.co.za
www.elitesamui.com
endlessrealms.ca
estimate-well.com
fortheloveofdarts.com
www.giovaniwannabeodv.it
gocm.co.uk
www.hartplaininfants.co.uk
howtoinnovate.org
incoravisas.com
isspiceaflavour.co.uk
jakev.me
jd2cv.uk
www.klop-nanny.com
press.kwartiermakers.nl
lcpoints.ie
www.learnersrider.com
letabli-blog.fr
eafcmax.litassy.com
www.lorenzovannuccipistoia.it
chapaquentemadragoa.lupi.delivery
admin.makestories.io
www.nabtacare.online
nanokit.work
nasaroyale.shop
neurax-tech.fr
www.neurosight.in
www.nid-de-poule.fr
app.onfact.es
www.onnutpethospital.com
login.optienergia.pl
www.ourcountrykitchen.com
phoenixsteel.lk
picmywave.com
www.pignusarg.com
prachisolutions.com
pronahub.store
qpicada.com
www.renmind.com
www.resources-technology.com
press.sainer.nl
www.salamaymusic.com
tools.salicetti.it
www.sevaspoorthi.org
sidekick-stage-eu.care-portal.sidekickhealth.com
app.sidsfarm.com
treelm.solvewithit.us
veolia-app.speakylink.com
veolia.speakylink.com
templereveal.sqwadhq.com
starlightsaga.com
stage.summercampslasher.com
www.swyftech.com.au
www.syntraaistudio.com
app.talkmagnet.com
appk1truck-test.npe.telepass.com
guardaequipaje.terminaldechiquinquira.com
thisgeneration.in
tijaro.pk
messenger.tradewix.com
rehearsal-editor.trb.to
truequantai.com
tungbach.vn
ubytovaniepikolo.sk
uxcontentvibe.com
veridecs.com
www.veridecs.com
vetyz.com
vishalsikka.com
blocksbash.vitersoft.com
bcp.volsurtravel.com
www.waspoenergy.com
xgroupcompany.com
www.yashikaalumirae.com
zachbronstein.com
www.zalwora.com
Other domains in certificate