Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=hoefl.at
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 28, 2025
Valid Until
December 27, 2025
44 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E6:BD:AA:CF:9E:12:AD:87:74:F5:5C:AC:0E:62:04:05:E0:73:FA:36:CE:43:D9:C9:8D:44:BA:D3:17:E3:E1:F4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
aadhag.com
ukpn.prod.advanced-infrastructure.co.uk
afterworkcoder.com
agricaph.com.br
www.airwise.app
alefmentalhealth.com
alexiscanas.com
allurejets.com
alosimusic.com
www.amaazonherbalsindia.in
andrewstunts.com
admin.angoneze.com.br
todo.appyond.com
arelygabriel.com
www.arlyntechnology.com
arnaudcortisse.com
asilvertongue.com
app.asserted.io
azimpradhan.com
badinvestmentcoin.com
bennilson.com
www.bilal.codes
www.boltrik.com
brokerfixer.com
brosofafeather.com
campeya.com
www.interpreter.cappisco.be
bckiaoftupelo.carmunity.io
carncrossproductions.com
game.cavegame.io
k.cndrd.xyz
synco-jfl-qa.roadcast.co.in
www.cinemedia.co.in
mobileapp.concertoanalytics.com
digitalrads.com
auth.dirtcheapmover.com
doktr.be
einarvandevelde.com
www.emiratesautomation.com
escuelasanpedro.com
ksa.finnovex.com
flightlinevr.com
gaganbath.com
revlog.getinstacash.com
gruensicht-eisenstadt.at
support-restaurant.gupshup.io
hoefl.at
partner.hungerloop.com
www.invidstor.com
www.jesusyouth.de
samaroham.jetgermany.org
sudoku.jlg-consulting.com
www.k-wineclub.net
kampourisdeli.gr
www.krissreeve.com
ludoeasycash.online
incidencias-web.madema-app.com
we.make.builders
me-project.org
dev-swagger.mintyscore.com
go-business-renewal.dev.mo-t.com
myfreeqr.com
neutopia.run
aktuelles.new-mobil.de
admin.novti.io
nowonacra.com
www.officeshiro.net
ogden.co
admin.onelife.vn
packinglist.io
www.paspoortvoorsucces.nl
www.pentamusic.io
www.picnogram.com
www.portablecoffee.com
rawmoonstudio.com
retroyilan.com
rimaeternax.com
savonlinnaairport.fi
app.screendroid.com
crm.sethidadhaba.com
nft.sheplatform.io
sonicstrains.com
sq.bi
dev.app.swidoc.ch
www.teamyaffa.org
softlogicdemo.topnotch.club
www.transloopsprint.io
trialmatch.ca
trigatti-snc.it
meuusu.usucampeao.com.br
varuj.to
www.vasantshrushti.com
deeplink.velauto.com.br
www.velokargia.net
abonniere.wanke.jetzt
dashboard.watermelon.co
winderful.co.uk
www.zeya.co
www.zincora.com
www.ziuni.co.jp
Other domains in certificate