Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.rentals.haynet.horse
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 27, 2025
Valid Until
December 26, 2025
45 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AD:BD:62:32:A0:81:14:D6:56:A9:6A:7F:BA:20:32:97:99:BC:B7:F2:28:1D:B6:C5:A7:C3:CA:2E:97:2F:EB:F8
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.justlorry.com
scopely.12traits.com
aeromexico.app
www.ads.albertarealtor.ca
anandabemestar.com.br
gstapi.appyflow.in
architekturbuero-fuhrmann.de
link.stg.autobiz.in
aviationbiz.me
s.biz-flets.net
bottlo.bot
www.brandonsayring.com
staging.launchpad.brickwise.at
vendas-widget.bsibr.com
carpincho.es
chalice-larp.be
links.chiochettibros.it
circle-chemie.de
clark.uz
jackiespadel.clau.io
www.debsuddha.com
flappyd.degendrop.io
diamondridgeprofessionals.com
redirect.difortan.pl
auth.dramalist.net
www.droidmakk.dev
duechat.biz
dev.durianboat.my
dev.proshop.easygolf.vn
esgplaybook.app
expect.digital
www.experience-fashion.com
sajith.feofex.com
www.flyingblob.com
www.fotokama.eu
gameontrivia.com.au
handballlima.org
hasanli.info
demo.hausera.io
www.rentals.haynet.horse
webapp.himoon.app
www.hitlerjuomapeli.com
www.iamskg.com
investorportal.app
ipsenfoptrials.com
jesann.dev
dev.auth.jpccx.com
www.keepitpupper.com
test.keeponrock.in
kgmedia.co.uk
usbcali-pretest.klarway.com
www.kmstats.net
knaxel.net
kodebase.no
auth.kotohomes.com
leaden.gg
litescan.io
livestation.app
www.lizard-apps.com
www.luckerdog.com
www.lunaapp.net
maoamigace.org
panel.mavi-makine.com
meckley.org
gassendi-animaux.musartdeurs.com
api.nas.ai
neo-vid.com
www.ohiortc.com
ontheline.love
www.padl.app
phathapholk.com
playg.in
www.playpromptly.com
www.plsreturn.me
vyvoj.predplatenaelektrina.sk
www.qr-code.page
rainz.com.au
staging.rarimobiliaria.pt
rasela.net
static.reality-overwritten.net
supplier.rightsdd.com
rushz.net
www.sayyee.com
diyaads.showitmax.com
pdv.soga.com.br
workplace.sport2000.fr
client.stylers.cloud
www.teare.me
esubscription.tedismart.com
hillsvet-dev.thepetdoor.mx
thomaswolle.net
podcast.torontomike.com
tol.tree-of-light.co.za
client-login.truecordis.co
admin.ulsemo.com
b2b.uplaces.com.br
drivers-dev.viggo.io
gdpr.wellyou.co
zizak.me
app.zwem.band
Other domains in certificate