Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=starmatch.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 07, 2025
Valid Until
March 07, 2026
80 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
03:20:E2:13:91:68:8D:23:C3:B3:3C:19:3B:FD:78:AA:0C:23:BE:E5:63:02:53:FF:F4:4B:E7:BD:9F:B4:5C:3F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
quickcooks.net
stage.connect.adswerve.com
appbetty.com
assistheo.com
babysittingbymaria.com
www.bayview-harbour.com.au
go.bitcrew.com
www.bleupeyi.com
qcat.blixify.co
console.boarda.io
www.booleanworld.in
www.bugo.info
app.staging.bulletn.co
r.chargefairy.com
chhattisgarhnow.in
sakata.co.ke
igplusplus.coolespace.com
scanning-dev.cresicor.ai
cryomaxclean.fr
www.curai.com
snuh.dayna.app
dazlstudio.com
dealstrackerapp.com
douglas-evita.com
go.eaglelifetimeroofing.com
seminar.uem.edu.in
emojiparty.de
redirect.enkept.com
entxchange.in
ercanyesil.com
www.everway.app
everydayquote.app
farabi.de
scralling.fausrguez.com
investortool.febatisplay.com
fiv5starcleaningservices.com
cmsblog-admin.fyneapps.net
hooks.getadapt.co.uk
globalogisticexpress.com
goblush.in
link.gotootu.in
grupoxalka.com
guitarlessonsworcester.com
hindunation.in
hindutemplesofusa.org
homeyouwish.com
stunnasfit.impactwrap.com
infotekaudiovisuals.org
devicepilot.innomed.in
itzzmeakhi.is-a.dev
www.johnbrowncreations.com
www.juuwle.net
udec-test.klarway.com
kohei.com
track-limo.kuwaitairways.com
enlight-performance.lernit.app
universidadexecon-performance.lernit.app
lightninglocals.com
tracking.load-market.com
app.metria.ai
www.covid19.miveratech.com
app.monetise-d.com
misfotos.mymoons.mx
nickdeblegny.com
nimbleprep.com
nqueens.nugentmichael.com
vorschau.offenestadt.info
ondemand242.com
ourtraveltags.com
paranormax.be
www.penguift.com
peopleforplazas.com
productscore.org
www.puntacana-excursions.net
challenge.qbuild.app
www.qttogether.com
stanford.queueme.in
kosmos.dev.monplat.rackspace.net
superapp.rahetbally.com
www.regu.id
mask.roboflow.ai
www.rohitdadwal.com
www.selah-app.com
kamakura-chuo-park.signsense.jp
swegon.softhouselabs.com
souktanja.com
starmatch.app
bodareyesrivas.swanmoments.com
www.tastedeck.com
www.toomanydishes.com
support.tourbutler.app
www.triangularitylabs.com
trilogix.com.ar
www.ufaeasy888.com
vegaprosolutions.com
vrmmo.games
geritch.vvek.dev
admin-demo.wagercraft.org
pgc.weja.us
inscricao-beta.zeero.tech
Other domains in certificate