77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.strandkiosk-rimsting.de
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 04, 2026
44 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6D:14:6F:5B:92:84:4A:CF:E1:CD:89:BD:5B:5A:55:19:AD:1C:ED:58:48:95:8E:AC:15:83:7A:74:38:E0:ED:B0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- Increase HSTS max-age to at least 1 year and add includeSubDomains
- Add Content-Security-Policy header to prevent XSS attacks
- Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- Add X-Content-Type-Options: nosniff
- Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
Other domains in certificate