Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=darten.apps.mindtraffic.de
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 07, 2025
Valid Until
March 07, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DD:AB:1F:EC:80:C0:C1:0E:95:2C:6E:99:A7:AA:3C:3B:9B:1E:7A:C1:8A:4B:38:BD:61:6D:D0:EE:54:72:0C:13
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
200e75th.com
14.moserstrasse.be
staging.monitor.api.coverage.28east.co.za
www.4kpainting.ca
photos.allsports.tw
appsforce.io
app.appspotshot.com
link.staging.arcadiapower.com
bimdoskol.cz
www.blekejet.nl
braseirocarnesnobres.com.br
www.budubana.com
www.capstel.com
gcp-us-east1-10.dev.app.carto.com
cferris.net
chi.cafe
citation.network
api.claimsgate.co.uk
otp.clau.io
neuralspace-prod-api.closedcaptionconverter.com
www.app.qma.co.il
www.tzufy.co.il
events.comline.app
convincing.link
crechecasadocaminho.com.br
cryptube.app
qa.demoworkspaceedu.com
dharshinisricrackers.com
www.digitalknow.how
www.dmhubapp.com
www.documatept.com
jam.drumbox.app
edwardswatersports.com
ebenefits.ewhallet.com
www.excuela.com
www.fagerlund.com
www.falkens.at
pizza-hunt.play.funfactive.com
static.getintheloop.ca
gowthami-weds-vasanth-for.life
www.dev.greco.fit
gundo.life
himbeerschnid.de
taro.hodlme.app
larkspur.horseriding.app
portfolio.hugebelieve.in
invite.human-detector.com
reporting.ifocusit.ch
inborndeveloper.com
admin.qa.invoicenxt.com
admin.ishealth.app
www.jaggerpowell.com
bestmusic.jampad.app
www.joshitravels.in
kiwiammunition.nz
www.knowharrison.com
link.kokobot.ai
link.kol.store
kolarikova.cz
dev.app.konch.ai
dev-cherry-app.kpos.store
maurotello.com.ar
link.preprodapp.mdrt.org
darten.apps.mindtraffic.de
otw.mka-karate.org
muque.ro
only2u.fr
otorihub.app
pitchcenterapp.com
lpny-0411.porcupine.live
qrdocs.co.uk
staging.rakutenadvertising.io
www.rincell.com
boxauth.ruixi.se
scheduly.org
www.sello.com.au
serverful.io
shopfast.vn
app.skwad.io
software-craftsmen.io
timetable.sonhuynh.dev
lp.stand.fm
www.surajconfectionery.com
vws.surv.in
l.symptohealth.com
tour.fs.tammeir.com
www.therapylife.in
www.translated-into.com
api.tweetbutler.com
m.starrewards.valero.com
vayuway.com
cryptoshelf.veruset.com
app.vitalera.io
link.vpngate-connector.com
www.waltermullen.com
whatsintheboxny.com
auth.wholefoodearth.com
url.xcode.no
invite.yeolpumta.com
meet.zoltankundi.me
Other domains in certificate