Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=salus-medical.cz
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 20, 2025
Valid Until
March 20, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
96:DD:D4:30:C8:D5:BD:9F:12:13:BB:53:5A:88:8E:AD:12:22:2F:CA:EE:50:C0:5A:E0:B4:87:F5:83:F1:04:1F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
card.cesariux2596.dev
21sina.com
accessfoundation.in
app.aerokeeper.com
aiesthetic.in
alexminzatanu.com
tools.alphanumericideas.com
astro-menus.anatta.dev
www.baeckerei-reider.at
www.bardac.net
behindpixels.com
wl.benfeitoria.com
niklas.bertolami.net
bitwiser.io
clubeloctogono.bracelit.es
json.bravobit.com
phase1-app.breazie.com
brownmannhcyberops.in
ad.bsf555.co
btnlending.com
testing.tsw.bvrad.com
present.s-drops.capcom.com
quality.portal.ccreatorx.com
beta.chillingpoint.com
app.smsgrp.co.id
4leaf.co.in
techmet.co.in
www.learner.co.in
feedback.bewell.co.ke
coffee-time.app
ecf.adminplus.com.do
admin.contigojuegoyaprendo.cl
www.crazyoats.es
www.cruncher.io
cybernetex.io
www.digiallpa.com
www.edhub-int.com
dev-web.edquizz.com
verify.eelammaangalyam.com
cdn.einfach-reisekosten.de
mail.erfengenharia.com
fadingborders.eu
ideel.flitter.fr
test.floodteamms.com
flowject.hu
xtrasport.foxiomlabs.com
freestyleart.eu
www.gistio.com
golden-royal.org
nmg.hamrohelp.ai
www.collect.huruinitiatives.com
uae.ihhsfair.com
ivcard.io
angularforms.jenniferwadella.com
www.jhylee.com
khalpublishing.org
klevoogames.com
lenn.ie
www.liberty-tips2.com
luizaserson.me
alpha.luke-roberts.com
macrodata-refinement.net
koelewijn.medewerkerstatus.eu
app.moddifi.com
www.mofti.link
momento.fun
documentation.motapi.com
www.muniuday.com
towers.nocturnestudios.games
okny.io
ru.onefin.in
www.opsteelpan.com
www.pwanifarm.com
www.rapiddimension.com
www.realmstats.gg
auth.replay.fr
www.restauranteyamal.com
ricaun.io
go.innov.ridegoshare.com
rkhn.nl
corp.route9games.com
salus-medical.cz
dev.scaleup.de
sevendaysoffire.com
signexpressus.com
www.smaugblog.com
neo.spectrosolution.com
wr.storyline.care
suryacarwash.com
royalbus.tcontur.com
renewals.thequad.in
www.trustsafeaudit.com
www.ubitlogger.com
partners.venleycapital.com
www.viverotarrazu.com
www.app.wayflows.com
www.webcity.se
game.whaleislands.com
womendrivendev.org
xtreamers.io
Other domains in certificate