Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=darcz.uk
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 28, 2025
Valid Until
December 27, 2025
40 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4B:5C:FC:97:65:5F:00:CC:24:DA:99:1D:93:FE:58:78:40:10:6A:AC:91:B2:34:6D:D6:1A:DC:C3:CC:64:C8:CA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
schmidt.pension-luckau.de
accesoriesbywahra.com
webapi.adniter.com
aokarkau.com
links.askdiem.com
app.atios.ch
austinkranz.com
www.balcancrossover.com
www.baseball-connections.com
benoitpoyser.com
de.biobarica.com
boatchartermanagement.com
bondandbond.co.nz
www.bt-wedding.eu
dev-app.cbreenergy.com
app.checkfirstapp.com
beta.cmeetit.com
cmeetit.com
prod.cmeetit.com
www.cmeetit.com
test.getgoing.co.id
soma.kpr.co.kr
comichaiku.com
conectafit.app
stream-sample.testv3.contentfabric.io
posstaging.convercus.io
www.coupondealsuae.com
criollosbsn.com
daniel-dominguez.net
darcz.uk
admin.dentall.sk
digital-tech-support.com
www.dinodroid.com
wwqw.divshot.com
privat.drgruendling.at
elonmarstrumpdance.com
www.emorypuritytest.com
familiar-admin.evisjap.co.jp
shurl.extremevn.vn
www.fightingcorruption.no
www.flyzomap.com
www.frankly-collective.com
gamenow.in
grupostandard.org
gyvenimoalgoritmas.lt
app.happyduckers.com
happyfamilylies.com
app.hiccup.com
hqdm.ai
www.hqdm.ai
student.hurreytech.com
www.igorlipovac.com
www.jp.ihhsfair.com
insightquestor.com
instapayloans.co.za
intelligibleharmonics.com
www.jevgeni.me
nenga2022.junni.co.jp
www.karolyikinga.hu
kindlingnomad.com
www.lolesportscalendar.com
manselva.lt
medora.dev
flows.michalroman.cz
mike-ringel.de
boliga.demo.movello.se
mycopanda.com
myhotchspot.com
noelelmo.hu
www.udlejning.norsepm.dk
app.nossodivorcio.com.br
novabizz.com
www.nziswano.co.za
dashboard-preprod.overlap-factory.com
pathwaysfoundationforthepoor.org
www.pickadoc.de
www.plentyofplanets.com
prodicusgroup.com
prospecttrade.org
www.psilarissamiranda.com.br
www.quent.net
reardenbentleymakesmusic.com
renginiuasai.lt
portal.safarhub.com
safetytown.mx
samf-app.com
seacoastkidney.com
sesh.xyz
sginvestmentadvisor.in
link-qa.sharprank.com
dangky.sohuutritue.vn
www.somniums.com
tybalt.tbte.ca
technofeedia.com
pcp.textilescross.com
the-sibundong.com
tinydreamtales.com
www.uglyboo.com
unwontedartistry.com
www.willmaz.com
Other domains in certificate