Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=eggtartsoft.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 10, 2025
Valid Until
March 10, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7A:D9:6A:C4:79:A6:82:38:54:E3:F6:0B:14:CB:2D:57:20:D8:0B:24:63:68:85:22:F0:B3:08:70:87:5C:43:71
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.ajoara.com
www.abintra.com.mx
www.acappolli.com.br
blog.afgriot.com
app.airsset.com
covid-19-panel.algistix.com
www.amar-lynnconsultants.com
app.5050.africa
archipelcontent.com
aromas.asap2go.com
fb.atheistengineer.com
bernardobraga.com
bibfabrication.com
www.bkopy.io
blockblaster.app
freelancer.bou.co
tosashimizu.bus20.com
caribrunch.com
www.cbcgem.app
points.clementstheatre.com
confeitasonhos.com.br
crimpwell.in
app.cubatel.com
destamutisya.com
dww.divshot.com
www.dotplusdot.com
www.doxyfixy.nl
drillmaps.com
eggtartsoft.com
10et.esad.pt
www.ev-nets.com
exploreshackle.dev
fasttackdroptaxi.com
www.fixy.nl
www.flowgram.com
futbalowski.com
3457-k6.gamefp.dev
login.gboetrack.com
tienda.ges.digital
app.gfalm.com
survey.glucosezone.com
dev.guiloop.com
courses.helloenglish.com
www.hungrii.com
willythekid.id.vn
www.igorplaksiy.com
www.ilcampodelleemozioni.it
staging.intelli-hub.com
interactivefiction.app
landing.ipiring.com
dashboard.express.ironmountain.com
advisor-dashboard-stage-1.ischoolconnect.com
isitaweek.com
live.jawsplay.tv
jeanaoldham.com
www.kabaka.com.br
jiri.karpisek.family
kataroek.dev
www.kirkkoappro.fi
kyodaisushi.com.br
manitaselpana.es
www.manoirasdetrefle.fr
wine.mark-dekker.com
www.max-nft.com
merencia.com
merliniumaiot.com
auth.testmilu2.milu.jp
www.challenge.most.org
www.nathancase.com
nobhillca.com
timer.nst.uy
staging.oee.com
on-menu.app
evtrails.ondagoapp.com
orkunsaglam.dev
pkrcurrency.com
pramaproject.com
propertle.com
open.publibike.ch
rainbowdesignhouse.com
assist.recoveries.legal
www.redline-x.com
www.ritzshrivastav.com
sapjil.net
seandriscoll.dev
www.securedevhq.com
www.skipperai.app
www.straniggdora.hu
www.surfingtracker.com
teamper4mance-diggi.com
insert.api4.thorbooking.com
www.tierla.com
www.tinttec.com
www.todaygate-tech.com
turkishpv.com
agenda.txapita.com
wealthspaces.co.za
awards.viinikanlahti.weup.city
zolushkallc.com
cv.zothic.fr
Other domains in certificate