Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=synt.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 17, 2025
Valid Until
January 16, 2026
44 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2F:43:19:2C:30:EE:06:24:35:AA:0A:D6:44:89:88:86:BA:59:CA:0E:CF:A3:11:40:AF:53:9A:BB:13:22:F0:0C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
colgatecamps.com
east-west.app.staging.alpinemedia.com
shawnee.get.staging.alpinemedia.com
app.amzretificadores.com.br
demo.sas.dokodemodoors.an.style
www.anclement.com
www.inqueue.arkerlabs.com
bmi.asap-software.jp
avancod.com
www.avancod.com
app.preview.axleaccess.com
grancanariabeaches.baulen.com
bhaktibook.com
link.boards.com
assets.boofit.net
booqed.co.za
www.booqed.co.za
camelliapowers.com
casaloretospa.com
cbofc.com
tetris.celtian.eu
www.chsolarllc.com
www.cisneiros.com
stay.cityrelay.com
citytourpass.com
vice.ciucky.com
www.clicemprendedor.com
www.clinicapodologiaeleve.com.br
auth.cluekeeper.com
www.cnkamsterdam.com
gan-yochi.co.il
www.microharness.co.kr
cracosky.com
consumer-frontend.staging.konstanz.delcom.nl
yeti-test-domain.demeter.builders
www.my-portfolio.dsbalderrama.top
www.ecounselingconnection.com
inventory.staging.elkaso.app
www.emilijastojanovic.com
www.erod.dev
www.evilscoby.com
www.evolvingtraxs.com
www.expoai.app
web.fellesverktoy.no
pendrive.fernandovr.com.br
gdgistanbul.com
link.d.getcoco.com
gippslandsteamcleaning.com.au
gobubble-dev.internal.gobubble.app
admin.golivgroup.com
dev.gordanita.com
greysonsawyer.com
www.grsc.cz
auth.handle.com
hectorcho.com
c.helloring.jp
auth.idoitjustforfun.com
ipiring.com
jpdup.com
www.ksafi.com
marketdirecto.co
www.mentarimedia.com
www.mindfields-platform.nl
www.mudigal.com
www.mznm-studio.ru
app.niman.com.br
www.occiplast.co
app.onepod.ai
www.onlinecapitalsoft.com
onoffatt.site
opsteelpan.com
oyatsukai.com
www.peacefulcreations.co
www.quiosquesirioalmoco.com.br
rajspanishcafe.com
stg-ads-banner.pay.rakuten.co.jp
redcapital.com.au
rohansatram.com
sabrana-secanja-kocana.com
www.selariaflorencio.com.br
auth-dev.semana.io
staging.sensly.be
www.shondavid.com
www.siwan.me
smart-web.ai
spuza-milord.com
www.sqab.org
sydneyswedding.com.au
synt.app
web-dev.timeismoney.tec.br
web.timeismoney.tec.br
www.therealyouapp.com
www.thethaothehevang.vn
tppholdings.com.au
admin.trinodex.co
demara.trinodex.co
app.wastehunters.com
app.workingday.lv
app.youpace.co.jp
invite-dev.zori.app
Other domains in certificate