Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=online-store.davidborge.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 25, 2025
Valid Until
March 25, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
87:F1:6C:4E:40:79:F1:15:44:EB:5E:40:7E:66:41:80:57:E5:D3:C2:D0:C4:46:C1:DD:EE:32:D8:CA:02:10:3D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
tidsi.co
ahmetarici.com
aisyte.com
alquilervillabarrosa.com
rakan.alyahya.ws
arentzo.com
artesaniasenigma.com
loyalty.artesiancorp.com
autosocorroaraujo.com.br
avellanashop.es
raysfun.bark.blue
bfer.app
www.bfest.app
bits-shifted.com
manager.bxb.com.mx
alameenrestaurant.capromenu.com
staging.admin-web.chatcommerce.co
www.chavittaslandscaping.com
m.choco.com
gg.cluskii.com
cossine.com
csdinternationalschool.com
online-store.davidborge.com
dice-studio.fr
developer.discarvr.app
dogodicattaro.com
app.dreamkinin.com
dx-locations.com
app.cloud.eagle-eye.com.au
portal.easydonate.uk
eliasvsimon.com
eq8.app
retailer.staging.everspring.app
extraordinarygrace.com
flightsoftware.org
pro.fundman.ai
admin.sg.g17.eco
garagegolfleague.com
links.geohoney.com
ecard.dra.go.th
link.gopichand.co
www.gsprogolf.com
www.hiprt.com
www.humanenergetik.co
iagc.world
help.ikriyo.com
www.irctc-tatkal-magic-autofill-form.com
www.job-right-now.com
jodorry.com
www.kobertin.net
kuyllur.com
l-cockpit.ch
www.labibliotecacafe.com.ar
librarylearns.com
lonelyoceanstudios.com
app.lordsofsloth.com
lovef.se
univision.madhive.com
merakiapp.co
www.minervaagency.vn
msdonlinebet.com
www.muximaglobal.com
go.mypips.app
namsu.app
link.pacaso.com
pandacomex.com
personalinsight.co
md.plasticpatrol.co.uk
playvalt.com
www.pythagoreanuniverse.com
it-migration.raksystems.com
www.reemzettraining.in
www.roman.rocola.es
www.russell.io
coa.rxcx.au
s2remontti.fi
www.sadotech.mx
www.sahil.fyi
particles.sahil.ink
www.samudraexport.com
saojose.dev
edisplay.saola.in
www.shmopevote.com
app.slackclass.live
link.slumberlandwarrantyservice.com
www.eastergame.synlab.ch
www.targetedthreats.org
www.tectes.com
dev.toobzgaming.com
tooliens.com
tooliense.com
www.trabea.co.uk
unce.jp
unstak.io
dev.vaxt.co
vilanoconsulting.com
invites.w3lcome.com
wisatasumbar.com
ci.womendrivendev.org
yume-app.com
Other domains in certificate