Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=blog.daphnesdesserts.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 21, 2025
Valid Until
March 21, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BF:65:5F:DA:18:C7:49:AB:75:76:E5:76:F9:0A:1A:31:FE:21:17:F6:63:7C:E9:26:78:BC:24:7F:12:2F:AD:9B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
privacy.dheller.de
hon-roomplanner-test.3dcloud.io
jacob.alless.io
www.atacan.dev
axdarchitects.gr
www.barenderasmus.com
benazir.in
beruservices.com
bikit.rocks
bmaschool.in
bombo.pe
bounties.fi
bynovate.com
www.cberner.com
classtools.io
sms.cloud10os.com
vaishnavishrungarpawar.co.in
app.popmeals.co.th
www.compe.golf
comprendo.dev
cryptosalesfarmer.com
www.cscsguide.com
www.rac.marn.ct.gt
blog.daphnesdesserts.com
go.dessert-pay.com
devthakar.com
doccheckai.co.uk
www.familytoolsapp.com
dev.fintary.com
app.freelancegps.com
promos.gbm.com
h9l.dev
helenallop.com
report.hintcatcher.com
www.hintcatcher.com
horotimes.com
houdini-icons.dev
iffts.com
igcshop.com
dashboard.imageriemedicale.fr
infilas.com
links.intellifluence.com
jakjarvis.com
jaxfloyd.com
jivansangini.in
admin.jjimovel.com
cards.joinsquad.co
jthinton.com
kianajoon.com
dev.app.klikkie.com
www.kluevercoaching.com
ladypass.com.br
lancemock.com
archpark.lelander.com
loganrising.com
www.loop-code.com
mapelevations.co.uk
www.mcapn.com
memorigi.com
metroware.org
www.misaelproject.com
multiplicative.com
neukundentool.mydirectscouts.com
nazarovgeo.com
portal.nolag.app
orangebloomtherapy.com
ordertray.com
pboconcierge.com
permiam.com
phenom-project.com
www.picsender.app
piskunow.com
pizzariapassione.com
gozva1.pksquad.com
prematch.gg
prithaghosh.com
www.procreateweb.xyz
mastest03-link.propertyloop.co.uk
pull-repo.com
auth.puremoto.com
www.qasral-kenan.com
morquio.qlinics.com
www.quranera.com
vocus.ratemycx.com
rentalmotortulungagung.com
support.robotic-crowd.com
sapphirebehavioralhealthcare.com
account.sapricami.com
lnk.sharperimage.com
szewanyeung.com
terasite.com.br
the-hargetts.com
auth.tifo.eu
tinashechifamba.me
apidocs.webfiny.com
whatchado.at
ynoor.me
app.yovstudio.com
zaiendecor.com
zeugnis.codes
Other domains in certificate