Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=backtoharmony.hu
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 23, 2025
Valid Until
December 22, 2025
36 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
28:DD:6A:52:23:D5:74:FC:4D:8F:12:88:1B:E7:50:EE:3B:40:77:AC:80:5A:2A:30:2F:29:4C:28:B4:2A:CF:DA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
interface.international
1myac.com
diskonigi-7literoj.34bit.net
3taps.me
physio.activlife.my
www.ahinsajainhomes.in
sync.aicallcenter.ai
www.akut-med.de
www.allteam.com
www.asa-sanpo.com
backtoharmony.hu
www.bandachapadao.com.br
www.dev.blwjbs.com
password.bolmgren.com
brokersaliados.pe
realpart.bwplatform.app
cakewith.jp
cargohqs.com
cavigliayasociados.com.ar
import-dev.classicdriver.com
anjalimanandhar.com.np
log-book.connectorzzz.com
www.ctrl22.ru
darkhand-studio.com
dev1.digitoo.cz
drimgar.com
drops-piano.com
dukes.cool
dylexsuan.com
easymeet.me
electricspeed.com
hubblebubble.elmarjansen.nl
app.eq-sistema.com
widget.ethy.co.uk
docs.ezfire.io
fastfix.lk
app.freshnergy.com
www.gezondepraktijklucht.be
www.gigahash.app
main-test.gosh.live
app.hadcolv.com
corethermo.harecord.com
heresacoffee.com
www.herrkinsky.at
www.immagbox.cz
isaacpendergrass.com
isfahan.de
firebase.isittime.app
it-zoo.com
www.jaredandlouisa.com
machineries.kaisonline.com
kardynski-chf.pl
www.kidzideaz.tech
blog.koibu.me
krandor.business
www.lacigale.io
brassia.share.legia.com
waterhousegroup.lernit.app
game.levelupnaija.com
www.lilaclanepatterns.com
sistema.lincesaude.com.br
www.matthewstone.co
moalicreates.com
www.muahanguc.com.au
pic-rubyplay.mentor-stage.neccton.com
roulette.neonexus.co
ninjafinancas.com.br
www.notariapp.cl
calendar.orangely.xyz
www.igcops.oxlac.com
pandco.co.uk
admin.parlacen.int
pecel1gyerek.hu
perdoceo.com.au
aboutus.proftware.com
staging.reggaetrivia.com
ads.remaapp.com
rtpremiumsuits.com
www.sakura.academy
securityadvocate.com.au
seijishukyoproyakyu.tokyo
vtc19.simpliroute.com
slo-motion.site
smashtourney.live
solbong.com
federation.swipall.io
tgbank.com.br
sms1.ticketmaster.com
area-citizen.tonylandschoot.fr
sncf-vr-vv.toysfilms-interactive.com
ukaysquared.shop
usk.biz
vayvonthechapnganhang.com
www.vertigocreativo.com.ar
welook.tech
whiskybazar.com
xiomiandsanti.com
www.yansnote.com
www.yourjapaneseacademia.com
chatbot.yuppie.business
Other domains in certificate