Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=link.dentacarts.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 09, 2025
Valid Until
March 09, 2026
70 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BA:04:89:1F:39:D5:F1:5D:F0:A7:6D:84:9E:9A:63:8A:17:B5:1C:8C:5A:BC:CD:7C:D2:FC:B9:FB:C8:E6:B0:81
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
castleannuity.com
3dboys.info
www.9emeart.com
www.aatransportersltd.com
employee.mypet.adm.br
mypet.adm.br
www.aimazingapps.com
bilet.ardacar.com
asgperformance.com
www.asgperformance.com
atanasovsolutions.com
bookcalltaxi.in
www.bookcalltaxi.in
www.briand-jardins.fr
cat8it.com
ajsolutions.co.in
collabor8.us
sczcelik.com.tr
auth.communitypodcasts.com
comodoro.app
deatonae.com
link.dentacarts.com
desertconstructionservices.com
earsradioclub.org
acomenu.easysignage.app
nfc-thermometer.el-lakner.com
testfront-3262.endlessvn.io
falsetrue.app
lottery.fanest.jp
findingme.us
api.fitbykaty.com
flutter-freelancing.xyz
www.francescodimarzo.com
gementerprizes.in
www.gementerprizes.in
getcertifyhq.com
cobertura.godeliv.com.mx
goodworks-foundations.com
pay-staging.gravv.xyz
pay.gravv.xyz
groxd.in
www.halalcoders.com
www.hashimsalem.com
foxyrun.heatmat.co.uk
infystructures.com
www.ivobaramov.com
www.jadeonpr.com
jinjiashun.autos
www.jinjiashun.autos
korvexia.in
budget.koryhutchison.com
www.kubalatransport.pl
auth.leafsingularity.com
lenv1.app
levistayercaud.in
econotest.liidutpl.ec
www.lnaumov.ru
www.luigiserra.info
manosaggeliki.gr
www.mbitgames.cloud
player.mindbooztapp.com
www.mr-sales.net
mybizmanager.co.za
nativemeet.com
nexus.nextp.io
nilahaesthetics.in
peekback.org
www.pensioenbijrafti.nl
www.podonu.com
holospeak.qzz.io
rajreviews.xyz
signin.safe-check-in.app
samluxurybrecho.com.br
www.samluxurybrecho.com.br
www.sarahdaebler.com
www.sinopsis.io
go.skyfallen.org
w4.spielo.app
strumyforge.com
studiojmenegatiob.com.br
emushrooms.sumitmhatre.com
clients-v3-qa.swandoola.com
swastikfx.com
tattoogrojec.pl
technovate-hackathon.ma
www.tl-labs.com
toucan.ae
trevorsrecipes.com
www.trevorsrecipes.com
turkceninizi.com
stage.tuscutilities.com
tylerjohntorres.com
ubais.online
www.ubais.online
pass.ubeats.pro
www.valevntine.com
vibeengines.com
weichao.autos
www.weichao.autos
wowapp.cl
Other domains in certificate