Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.lucaantink.nl
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 16, 2025
Valid Until
March 16, 2026
81 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9D:38:37:6D:A6:84:91:C7:AC:3B:3E:10:E0:27:8C:59:80:FF:AD:C1:08:F7:69:C8:20:9A:CD:EA:E4:C6:93:CD
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
rubenscafe.com
corso-per-estetista.2gbeautycom.com
adi-installation.com
admindbm.com
www.alahlamtransport.com
alphawavesystems.com
www.anrfranquia.com.br
artmobileapps.com.br
awaloilgrain.com
www.awirjono.com
menu2.azimuth-iraq.com
www.bensuttonvo.com
blvck.ai
www.cbd-vergleiche.de
chandlerokdental.com
cinovasync.com.br
www.clubprime.nl
lnk.qa.dodocart.co.kr
snad.co.kr
playgo-stg.vonder.co.th
tpsoctrang.ebot.xbot.com.vn
www.computrekcs.com
app.connectngrow.edu.au
portal.copingcard.com
flame.cuppazee.uk
dataalpaca.com
displayhub.io
coordinator.diversityinbusinessawards.ie
clinicafares.drtis.com.br
duoface.com
elkeclearesta.com
bsplines.elmermx.ch
frontiermath-symposium.epoch.ai
pin.eroundapp.com
play.ocean-bowls.etwz.io
super-pie-fling.evaluationspark.com
customerauth.fastsignsdev.com
duralog.freundundreiter.com
www.gerencie.app
app.gpslowcost.com
halois.id
ammarandmina.hassanalrawi.com
heav.fr
www.hindustanwiremesh.com
www.rochaequipamentos.ind.br
insdthrissur.com
involve.dev
rice.jayther.com
tati.juliotati.com
www.kalpa.no
www.kasturipaladhi.com
auth.kluh.com.br
kuranari-sr.com
site.kyossi.com
linkpedido.com.br
litsepisokose.com
share.loopphotostream.com
demo.lrsalign.com
www.lucaantink.nl
wakeup.marcrufeis.de
masterpiece-paintings.com
www.mcslocacaomaquinas.com.br
login.medeasy.pt
medinaestate.io
www.megaparrilladaargentina.com
rica.megsapp.com
api-atendimento.meueleve.com.br
www.modastimay.com.ve
montserratinus.com
portal.mseller.do
myexpensewatcher.com
campaigns.myrealfood.app
www.oceancdr.net
www.ondrejbures.com
www.peopleties.com
shenjing.piticommerce.com
runnerjump.polngames.com
santaadventure.polngames.com
app.poshtools.io
app.raineventapp.com
rasai-nutrie.com
www.rentimizer.is
portail.reseautoxicomanie.com
www.rother.app
schaedlerart.com
www.shelf-designer.de
app.smoozi-crm.ru
spanishconmarta.com
membership.springrunswimclub.com
www.srirama.uk
www.steller.be
swahnwasa.fi
waba.thectcagency.in
www.tonypedia.org
www.transitiontocivilian.com
portal.unitedwaychennai.org
dev-app.edu.utilo.co
stage.varldensbibliotek.se
www.veeball.io
yamentaha.com
Other domains in certificate