Security Score: 77/100
Certificate Information
Subject: CN=carspa.app
Issuer: C=US, O=Google Trust Services, CN=WR3
Valid From: December 04, 2025
Valid Until: March 04, 2026 (82 days)
Public Key: RSA, 2048 bit (Adequate)
Signature Algorithm: SHA256-RSA
SHA-256 Fingerprint: 07:7A:6D:10:35:89:3A:0A:98:6B:BB:78:FD:C1:D1:F4:06:9C:A1:79:47:2C:03:3A:B4:AB:8C:C2:2F:0B:51:3C
Alternative Names
Security Configuration
TLS Protocols: TLS 1.2, TLS 1.3
Forward Secrecy: Supported (Modern clients use PFS)
HTTP Security Headers (Status)
Strict-Transport-Security: Present (max-age=31556926)
Content-Security-Policy: Missing (Not configured)
X-Frame-Options: Missing (Not configured)
X-Content-Type-Options: Missing (Not configured)
Referrer-Policy: Missing (Not configured)
Permissions-Policy: Missing (Not configured)
Recommendations
- Increase HSTS max-age to at least 1 year and add includeSubDomains
- Add Content-Security-Policy header to prevent XSS attacks
- Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- Add X-Content-Type-Options: nosniff
- Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records: Not Configured (Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names: 100 domains
Other domains in certificate