DNS Gurus
Cached · just now
77/100 SECURITY SCORE

Certificate Information

Subject
CN=www.thingexchange.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 21, 2025
Valid Until
March 21, 2026 70 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D0:63:DC:7B:AB:73:6C:5C:0C:9C:12:DE:01:6B:C4:7B:FF:38:89:DC:27:04:2F:19:CE:3C:49:72:F0:EC:F4:2A
Alternative Names
100 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains
ditrom.com

Other domains in certificate

daily.anantapoudel.com
fuegograma.andreandyp.com
www.animessage.net
aplex.dev
dev.arkbreeder.com
arnavaggarwal.dev
deeplink.aworld.link
www.bahahomidov.com
barhane.com
beamzsoftware.com
www.betsybcooking.com
sadmin.bewertemeinenservice.de
tembici.bikeitau.com.br
download.blueberryx.com
cafedelbosqueec.com www.cafedelbosqueec.com
ifc.carnotinnovations.com
dev.caterermanager.app
cityrath.com
clarityautospa.net
auth.crenova.co.in
gabrielvallone.com.uy
www.convertsalary.com
cordevs.com
corona-no-baka.com
countan.com
coverlore.com
cdn.native.creditkarma.com
xo.cryptwizards.com
www.dailygreen.asia
www.danielarst.com
danielulrich.com
dev.opticam.dataauchan.fr
www.datasensum.com
www.dkoder.me
reader.dokibo.com
drinks-up.co.uk
www.ductai.de
www.earningcardano.com
emmaline.co.nz
www.esschem-europe.com
fhuft.org
www.fllsettlementblackrock.com
foundermitra.in
freeassess.com
freshcatchfishstall.com
app.gfgruppe.com
dev.gni-asia.net
www.goaria.com.ar
gw2-songbook.com
hendryzheng.com
www.hipaatexts.com
agents.holdtightandpretenditsaplan.dev
www.indianstudentsatutah.org
www.inmobiliarialh.cl
interplanetarycreations.com
ivanoroz.co
www.jumistudios.com
kamperfarmfresh.com
karvulf.com
link.kidfindserver.com
kinosuka.org
www.dev.kistorm.com
www.lean.to
firepay.lukasgasp.de
konfigurator.m-tec.at
pixyflow.marcosjunior.dev
www.melinaleiaadilagic.com
www.metapalsclub.com
pumamemories.mooo.com
beta.nostresscafe.cz
notiful.co
onlyg.dev
au.outgrow.website
outlivo.com
bots.pervertgames.com
www.pixelshard.com
plexient.com
www.presidentialrenovations.com
www.prestiva.app
rkc.ua
www.rubysinclair.com
saborearresto.com.br
sagisai.net
sdetechnologies.net
www.secularizeus.com
soccerwatch.eu
tahminavaitova.com
tattoo-galleries.com
techtransportgroup.com
www.thingexchange.com
topofthehouse.co.uk
uselexor.com
world.vgv.ai
iceland.visualperspective.io
volleey.com
android.wewalk.app
whereishassan.com
dashboard.yummap.xyz