Open
Cached
·
just now
83/100
SECURITY SCORE
Certificate Information
Subject
CN=www.flat-ah.eu
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 11, 2025
Valid Until
March 11, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0A:C0:78:2E:C6:A0:D7:77:58:C4:44:8F:C0:B1:5A:A8:BC:41:9D:D8:F3:23:87:83:C1:82:8D:D4:54:9B:F9:58
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
cms.scanshop-static-web-starter.ss.hr
chennai.1droptaxi.com
dharmapuri.1droptaxi.com
erode.1droptaxi.com
kallakurichi.1droptaxi.com
kanyakumari.1droptaxi.com
madurai.1droptaxi.com
nagapattinam.1droptaxi.com
ooty.1droptaxi.com
ramanathapuram.1droptaxi.com
tirupathur.1droptaxi.com
app.8toros.com
abhagsain.com
www.cv.adamino.dk
aechiang.com
rsg.app.aero-trial.net
alhistolog.com
www.animalcompare.com
antithesa.com
appitech.co
www.aquilaweb.it
asiantigers-philippines.com
cartron.b2b4-check.com
www.baton.art
bucephalusai.com
aki.buenatelier.com
www.captain-retag.de
stage-app.carecens.com
carwell.pt
clashbasepedia.com
www.cmsir.com
deinfitweg.info
edu.doozzoo.com
drmind.care
news.earningsahead.com
effecientcreditsolutions.co.za
www.esytaxgroup.com
ffelectrical.co.uk
wa.finnovex.com
www.flat-ah.eu
app.flosspass.com
link.getinvolved.com
ksg.getmade.co
deep.prod.gsns.link
herpesremedy24.info
www.hotelgoodnews.com
kokoroe.biz
lavchat-user.lavenirapps.co
lifegrid.app
www.lopeznotplato.com
www.lupincorp.com
admin.maledifresh.co.za
hub.meowcorp.net
www.mephheads.com
www.mettle-studio.com
wisys.millionways.org
player.moviola.io
covid.muthiga.me
mydoctormanager.com
mymoneycontrol.com.br
dashboard.nilear.com
www.novusy.com
peervuu.com
www.pierrelamusse.com
link.pokeyokey.com
portfolder.jp
beta.printwag.com
jelajah.radiasi.space
www.rainacorp.co.uk
everglow.re2fe.com
egabbai.rebchardle.org
report-lznk.site
restoreflow3000.com
revive-web.site
www.revvew.com
dynamic.rinnolab.cl
rizzlerai.lk
app.emr.shipzzer.com
sirvve.com
www.sociallife.club
soundbar.app
app.staitment.com
login.sugarbook.com
superpizzaman.com
terinyglobal.com
hive-inbox.the-hive-mobile.app
knomaker.theknocompany.com
thetasteio.shop
www.thotnote.org
auth.toss-online.com
links.chargingservices-preprod.totalenergies.sg
tricapmgmt.com
www.truckhh.com
apps.uniglobes.com
vinijlawfirm.com
vitalrev.ai
www.vizagseafoods.com
lq.webgurus.eu
www.wilfredo.app
xandria.be
Other domains in certificate