Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=scontz.co
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 03, 2025
Valid Until
March 03, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
16:EE:36:33:69:A6:F3:E2:ED:D1:00:46:E5:37:C0:32:9A:B4:1D:74:39:C4:2B:07:11:A4:C4:E2:15:CD:68:AD
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
wallace-admin.kards.fr
app.3billionbeats.org
nfc.alvareztostado.com
qa.apto.bio
areanatividad.com.ar
bettingofferpro.com
www.bhatandbhat.in
slow5.bioinf.science
www.budgetina.org
carlyhillman.co.uk
www.carselandrestaurant.com
cems.link
charlottelamm.com
mobilelink.onecard.com.my
barcodeapp.data.com.uy
entrematesyotrasyerbas.com.uy
derrotalacrisis.criptan.es
www.ctconnected.net
auth.eq1.cyberhaven.io
www.danchepkwony.com
davidwilliston.com
test.deepedia.cl
defiance.group
eqptlic-5.dev-ltl-xpo.com
beta.exchange.dexkit.com
www.dianagraph.com
dogofie.com
www.dulceeng.com.au
dxplore.eu
www.eclatfoundation.org
app.ecredito.io
sadry.elmateri.com
enwamcourier.com
app.eoinventory.com
everyklothe.com
www.v2.fabiankachlock.dev
www.fairy.wine
ja.english.finitefield.org
fkconstructions.in
fulldeals.in
gestaltor.download
goonsesh.com
www.gradfever.com
live.growflow.com
dl.hifibazaar.com
chat.homeproduktionen.de
hoolapp.ing
www.hurtadostudio.com
www.ioanna-filippatou.com
algorithmic-marketing.kreatewebsites.com
employee.kriyamed.com
lasvegashousingmarketreport.com
portal.lifecheq.co.za
linusacademy.in
www.madalirecipe.com
portfolio.mahrsrv.xyz
nordveggen.markusrk.com
www.mazdademagog.com
www.medlemstilbud.dk
www.mexicantraindominoes.app
stabilitetsseminaret.mmevent.no
www.moldy.sh
mrsushicol.com
myfinbrain.com
nalugalavenessa.online
kuemmern.new.de
firebase.now-fit.com
originorganizer.com
www.orkanx.com
demo.iotbit.otobit.com
ourshop.my
ovaanimations.in
playvoli.com
nvi.plugpix.com.br
psmmcalsalma.com
portal.qlarityapp.com
realitybrowser.site
sacredlotushealingvt.com
scontz.co
www.seekheducation.com
www.shahzadsherazi.com
app.simiinfotech.com
cafe.stirlinghigh.co.uk
dev.marker.stratosfy.io
dev.studiojjung.com
acf.suitefeedback.com
sumatoconnect.com
www.sunnyskygames.com
www.swaadsimplified.com
aweb.takainvest.com
the-board.io
www.tieudungsmart.com
www.trc-ev.com
monet.tsuharesu.com
ogca.upolicy.ca
www.wethefriends.net
wingspangoals.com
www.xstrain.com
www.yasmineducation.com
www.zzzremos.com
Other domains in certificate