Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.startingpointapps.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 03, 2025
Valid Until
March 03, 2026
49 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D0:F1:CC:AB:27:46:3A:69:C9:FF:49:C7:C8:50:89:79:FE:14:EA:4B:3C:B9:14:AB:73:19:C3:A7:63:0B:D2:71
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
arstudios.org
8bitworld.xyz
www.8bitworld.xyz
app.adiutor.co
storybook.adminjs.co
adox.games
admin.agendabarbeiro.online
scan.aglive.com
admin.akshatbullion.com
ampacityenergy.com
andrea-enning.de
beepbooplabs.xyz
benphilipenko.ca
docs.beyonddocs.com
canberracloudkitchen.com.au
www.change-buddy.com
clebodycamera.com
closence.com
unicorn-test.competitionmeet.com
conectaseminuevos.com
postulaciones.cydocs.cl
www.devengineeringlibrary.co.nz
now.dolphins.nagoya
dutchrose.dutchrosemedia.com
echolensx.com
www.ellumesolar.com
www.emrviewer.com
www.readingeasy.estro.ai
eventosge.com
www.ffffidget.com
www.flapz.io
www.fleetlogisticspro.com
flyingcolorsartsstudio.com
tapdot.fpsyndicate.com
gameilluminator.com
demo.getarmada.app
app-staging.getelevar.com
getsetcar.com
ggl.cx
www.givuma.com
news.greenwind.berlin
www.gridseak.com
grupodxs.com
haden.dev
haelent.com
himalayparmar.com
hipsterate.com
www.human-sustainability.com
iddhaa.com
www.iddhaa.com
www.igapo.xyz
industrialdynamics.lk
www.instalacionesgasalia.com
ipercash.io
www.jibespot.com
jpakjr.com
www.jsocial.io
www.postenboek.katalysatorduravermeer.nl
www.einkaufen.konrad-dinges.de
konteneryeventowe.pl
lamourvaincra.fr
serendipity.lapieza.io
onboarding.livingprint.com
console.lopay.com
www.lox.space
kshetra.macademy.in
marylandisopen.com
levis4000.megataxi.com
afterparty.mertes-lieu.de
mexicleancleanmore.ca
mobile-coin.com
morrowfirm.com
neytrix.com
odstopmedilex.si
onsight.com
www.ospitalis.com
auth-smartmint.pastel.network
pjs-collections.com
prove-app.com
link.quore.tech
www.rakuishi.com
realatixcrm.com
sarademasiart.com
wheelofdecks.scry.one
sd-store.online
shasea.sa
simpletrips.com
www.startingpointapps.com
stratup-tech.com
www.surgeconsulting.pl
theshopx.app
thomasjsmith.ca
stage.app.tripp.com
www.triqle.in
move.turnosweb.app
uat.upreach.org.uk
weappsolutions.com
app.worktocloud.com
tecmais.yesmkt.net
yout0be.com
Other domains in certificate