Security Score: 77/100
Certificate Information
- Subject: CN=apps.paygoal.de
- Issuer: C=US, O=Google Trust Services, CN=WR3
- Valid From: October 23, 2025
- Valid Until: January 21, 2026 (69 days)
- Public Key: RSA, 2048 bit (Adequate)
- Signature Algorithm: SHA256-RSA
- SHA-256 Fingerprint: 2E:65:BD:11:2B:28:9D:1D:04:85:B9:60:11:59:B5:51:50:B2:0A:03:8E:EB:F6:E6:13:2D:03:A1:E0:28:67:E1
Alternative Names
Security Configuration
- TLS Protocols: TLS 1.2, TLS 1.3
- Forward Secrecy: Supported (Modern clients use PFS)
HTTP Security Headers (Status)
- Strict-Transport-Security: Present (max-age=31556926)
- Content-Security-Policy: Missing (Not configured)
- X-Frame-Options: Missing (Not configured)
- X-Content-Type-Options: Missing (Not configured)
- Referrer-Policy: Missing (Not configured)
- Permissions-Policy: Missing (Not configured)
Recommendations
- Increase HSTS max-age to at least 1 year and add includeSubDomains
- Add Content-Security-Policy header to prevent XSS attacks
- Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- Add X-Content-Type-Options: nosniff
- Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
- CAA Records: Not Configured (Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains