Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=vitalsteps.nl
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 23, 2025
Valid Until
February 21, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
03:E2:B7:E8:FC:27:B9:EC:FE:E0:69:37:70:33:CD:44:1B:6D:EB:8A:E1:F9:19:34:8F:D3:F6:D5:54:DB:2F:50
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
ankushchauhan.com
11521877.peerly.app
meta.12traits.com
245park.com
lofi.4mi7.com
wallmobile.9lessons.info
auth.acropolis1989.com
admin.dev.affilimate.com
messaging.alexisgommet.com
oldportfolio.alexisgommet.com
app.allhorses.nl
app.almaapp.mx
alrehmanquranacademy.com
www.altonivelmoveisplanejados.com
anujguglani.com
dev-services.aquaroseirrigation.com
aramonstream.com
arnoldi.co.za
asecretmessage.link
aspectsone.com
dev.interviews.auctusiq.com
app.awaken180weightloss.com
belike.studio
benitrans.com
www.capetonianpoet.com
applinks.christiancinema.com
www.clearskiesengineering.com
www.supernova.com.tr
concordiabank.us
contrasts.app
authorization.sbx.discovery.corelogic.com
www.devorahnov.com
sib4.dicodingacademy.com
dimovconstruction.com
dorianthegray.com
primetimetable.ear.com.br
eeecccooo.uk
energie.immo
canary-wharf.equiem.mobi
exci.tel
www.fightron.com
foinq.com.au
www.foolspyorahuolto.fi
driver.fumes.app
test.galeriaecho.online
www.gamebanai.com
geomaster.biz
www.gotdoug.com
gretchenehrhart.com
trace-app.icheck.vn
inapp.idosport.app
isy-garten.at
gsa.jcorecompanies.com
www.kalkulatorsejmowy.pl
t.kdl.pet
legacypublishingcompany.com
diagnostics.liftstatus.nl
students.lkdkk.org
madrugaurbanismo.com
demo.medidesk.fr
www.minihome.studio
misletras.pro
adm.namahwellness.com.br
www.nestofthorns.co.uk
ogafit.com
omicronium.com
pansjournal.org
assets.passtalk.app
app.populi.ai
pop-new-dataflow.prognos.se
publiko.ph
pugnax.fi
punemanagementassociation.org
robbieelias.ca
www.rolldnd.org
www.securecode.app
auth.sellermetrics.co.za
simplifaisolutions.com
sirtassalot.se
solohealth.app
extension.sonovoice.org
srpholidayss.in
www.srpholidayss.in
www.standardexpress.pl
stewardtechnologies.com
app.superslide.co
surajsisodia.dev
app.teletec-tis.com
dk.testla.nl
therules.win
www.tjswholesalers.co.uk
auth.google.tokplay.com.br
tregua.it
isse2020.fei.tuke.sk
www.veilig-bewegen.nl
venleycapital.org
www.verestok.com
vitalsteps.nl
auth.wireguard.uk
www.yourcustomai.com
Other domains in certificate