Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.airtac.me
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 30, 2026
Valid Until
April 30, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F5:22:E3:E6:C8:88:B1:F8:42:41:DC:6D:CD:14:08:CC:CC:33:A1:C8:02:3C:E0:7A:3E:C1:38:8C:52:C2:F0:D6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
locnapps.com
www.adysas.com
app.airtac.me
ammonyte.net
www.antalyakardeslertadilat.com
leefstijl-app.appdashboard.nl
atlat.de
portail-b2b.auchan.fr
eazyschool.avail404.com
app-test.aweventure.com
bethere.com.ar
vote.bijlit.nl
www.bookmydesk.nl
capetownwatersports.com
cebuwatersports.com
charitypop.io
www.city-ol.ch
cmslink.net
www.rvsystems.co.in
start-sass.dostesting.co.ke
download.mog.com.my
comowatersports.com
www.concretecake.se
www.creativepermaculture.com
cretewatersports.com
room.dastafilez.com
deckbuilder.dev
multisig.defikingdoms.com
www.diginnocent.com
www.empruntemonstock.com
pass.emula.pro
admin.enhearten.io
www.evernest.es
www.fitnesskit.com.au
www.fumimeter.com
ipad.gcadscreens.com
www.geac.hu
www.getaride.limo
reunite.getmodemagic.com
giago.co.uk
golang.jp
gynfm.cz
admin.icooking.io
game.ptit.id.vn
intelectussolucoes.com.br
forum.isthmus.com
it-hero.co.jp
itp-marketing.fr
apps.jirem.com
krabiwatersports.com
uat.lottosocial.com
www.luango.com.br
www.macronti.com
dimango.mangveloper.com
www.marcosoglobal.com
mauiwatersport.com
micandpose.com
www.monster-pets.com
diligent.mv-gechingen.de
www.myholidaystracker.com
natevanbonn.com
noteclerk.com
peace.novaquach.com
orah.rs
outrightplay.com
parquetreader.com
www.poordog.dev
www.postcell.io
prizm.pw
purp.social
www.quantum-g.jp
blog.respeitoltd.com
rukidoo.com
ruwaizhaja.com
www.saadsaadi.com
www.saviora.com
mydukan.schemesbook.com
michiatsume.sci-co.co.jp
www.seandriscoll.dev
seychelleswatersports.com
dev.softwarewagon.com
mobile.spacemonk.io
auth.storystarters.co
tedxpacific.com
tilzmatictech.com
www.tolgahankarabudak.dev
tomtastic.com
totallynotrobots.dev
www.totalquote.io
verkkokauppa-front-dev.www.tunkkaajat.fi
u.tutamkhamon.com
api.vhscorner.com
wadokarateindia.org
wicaksanaberlian.com
badges.workhere.com
quiz.xienet.com
www.xla.jp
youmightwonder.com
app-dl-redirect.zf-develop.com
classtracker.zoeames.com
Other domains in certificate