Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=baton.art
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 17, 2025
Valid Until
March 17, 2026
67 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C2:F7:BD:54:83:E1:F6:80:1C:18:A7:CB:A3:DA:C3:38:EA:FC:62:CD:2F:81:A7:AF:29:F5:C0:5C:6F:E6:B8:91
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-gl3BK4238fPTJJDdL6eC9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
fbs.jugnoo.in
www.admproject.lv
app.melhores.agriness.com
www.aicyellowjacketscamps.com
www.air-drone-renov.fr
alphia.io
www.anitabartos.com
dev.anywheremed.ph
chengalpattu.arnidroptaxi.in
dharmapuri.arnidroptaxi.in
dindigul.arnidroptaxi.in
nilgiris.arnidroptaxi.in
arunodeepmontessori.com
www.asiathaishippingservice.com
dbus-app.aspevo.com
app.autocall.one
baton.art
club.stage.bestathletes.co
bgjooon.app
portal.botqaqi.com
www.byjsolutions.tech
www.cardmarkethelper.com
centroscout.es
beta.chalk.run
skyuk-dev-api.closedcaptionconverter.com
demo.cloudframework.app
www.amatek.co.id
codetool.dev
luxidena.com.ng
admin.cubid.asia
bookingform.curacao-exclusief.nl
dicionariofalso.com.br
donnahr.com
dreamlense.com
eazivalue.com
staff-stage.enkept.com
stage.enkept.com
enzosantos.dev
esol4brum.app
etis.one
api.ezzioffer.app
www.filla.id
www.fuu.to
groupby.app
www.gsaikumar.com
impact.id
www.isonetcryoet.com
www.iveepromenade.com
www.jansolarkendra.com
jdankyou.com
jessejamesrichard.com
auth.johnprater.me
joshcunn.dev
dtp.katinya.com
www.livingtech.asia
housing-topup.loophealth.com
malyawka.com
admin.moonshotsocial.app
www.myguiding.com
mobile.myzeal.app
va.nagrady.by
www.navotkarshaitsoultions.com
www.nhome.app
www.oivis.com
ariyalur.onewaydroptaxi.net
coimbatore.onewaydroptaxi.net
dharmapuri.onewaydroptaxi.net
dindigul.onewaydroptaxi.net
kanchipuram.onewaydroptaxi.net
krishnagiri.onewaydroptaxi.net
madurai.onewaydroptaxi.net
pondicherry.onewaydroptaxi.net
pudukkottai.onewaydroptaxi.net
sivaganga.onewaydroptaxi.net
opendiv.dev
pensioenbijvlc-partners.nl
www.phoenixsuppliesandsolutions.com
connect-ng-carrier-admin.rxoconnectdemo.rxo.com
connect-ng-carrier-recurring-lane.rxoconnectperf.rxo.com
connect-ng-carrier-tenders.rxoconnectdemo.rxo.com
connect-ng-invoices.rxoconnectperf.rxo.com
connect-ng-orders.rxoconnectperf.rxo.com
connect-ng-quotes.rxoconnectdemo.rxo.com
connect-ng-registration.rxoconnectdemo.rxo.com
connect-ng-warehouse.rxoconnectperf.rxo.com
www.smatrix-app.com
snapdiet.snapcore.in
loxam-specialistes.speakylink.com
storychime.ai
flowery.studiossolution.com
subbeys.com
www.tamzidchowdhury.com
techinternets.com
textmeo.com
www.thriftella.org
marco.truff.at
www.velementis.com
web.votium.app
link.vtvgo.vn
www.zakforcongress.com
Other domains in certificate