Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=web-sporter-frontend.staging.leuven.delcom.nl
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 06, 2026
45 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E8:C2:07:E1:63:CE:E5:7B:42:9C:AF:C3:9C:5E:C2:0C:D5:0B:AB:0F:E0:12:BB:79:72:71:81:F5:EE:8B:56:05
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.bict.ca
calc.5f.app
administracionspa.com.ar
aibrewbot.com
calc.alexerem.ru
algorithomics.com
alohabeautyclinic.com
angling.social
apricotstonecity.com
ar-tech.com.co
assuras.ca
betterberthoud.com
dev.bigblueti.me
www.bigfamily.com.br
btfm.boothtransport.com
www.byz.fi
canbby.com
www.sorteo.celushop.com.ar
cezarsantosmkt.com.br
charlieengler.com
www.citronellarestaurant.com
citybrewsurveys.com
claimaffirmations.com
sinhwamoney.co.kr
zenminder.cognuscraft.com
shopper.shoppinglist.com.mt
brands.merck-lifescience.com.tw
www.consolidinc.com
cosmiccarat.com
admin.daffl.com
danielmsorensen.com
danielpfinnegan.com
www.darkhollowcreek.com
datemindude.dk
albert.deeplatform.rocks
web-sporter-frontend.staging.delft.delcom.nl
web-sporter-frontend.staging.leuven.delcom.nl
www.translate.dessin.it
www.digitaleburnoutapp.be
sinapse.drtis.com.br
preview.dsiag.ch
release-preview.epidemicsound.com
lj.epsalon.org
www.faceexercises.org
fireflysoup.com
app.giringiro.org
dropoff.dit.go.th
gotogether.travel
dashboard.greenstream.io
teambattle.habs.co.uk
kiraku-higashiyama.b.hotekan.com
hongkong.imacoco.world
imbianchinofaenza.it
imbianchinogallarate.it
jawsandteeth.com
www.julioorellana.com
kadada.org
retell.keywordsai.co
lab.kimomomaikodori.com
www.lingo.mx
www.littlemoby.com
lukeaguilar.com
rtc.prod.medeintegra.app
app.meine-rezep.de
myfunnyvalentine.com.br
www.natedsystems.co.za
nildomacena.com
dev.notadining.app
oakti.ai
odeio.com.br
newsmine.osslab.com
www.persisterest.com
chat.personate.ai
play2x.vip
play2x.win
lcg-admin.popshap.net
www.primepads.app
www.rally.social
www.ratnikovastrateg.com
roarnft.xyz
www.sander-jederzeit.com
sanoyes.com
saturnstudio.xyz
searchoutdoor.showitmax.com
sigmaquality.ee
psm.sksis.ca
link.smartplant.app
lotustutors.snapmentor.no
sucolab.com
app.supercall.ai
verification-browser-sdk.review2.trustdock.io
www.ucj.pe
www.udonten.com
data.uspzdrowie.pl
wedontplay.uno
weekenders.social
womallc.com
yazdi.uk
portal.yourgutmap.co.uk
www.zigali.de
Other domains in certificate