Open
Cached
·
just now
82/100
SECURITY SCORE
Certificate Information
Subject
CN=schlagameista.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 25, 2025
Valid Until
December 24, 2025
33 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DC:D1:AD:E1:BF:42:85:27:86:97:F8:B4:AC:50:07:35:EF:CB:2C:77:51:D0:6D:5C:A3:FF:C2:50:16:23:23:CF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Good
default-src; font-src; script-src; +9 more
default-src 'self'; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com https://ka-p.fontawesome.com; script-src 'self' blob: https://uploadcare.com https://ucarecdn.com https://www.gstatic.com https://www.googleapis.com; script-src-elem 'self' https://kit.fontawesome.com https://*.firebasedatabase.app https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'sha256-gPjlli1HEdLlR0AZTY971/wQVOdSkl9mEinLnxrPpJw='; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://uploadcare.com https://ucarecdn.com; img-src 'self' data: blob: https://test.pensioenbij.nl https://prod.pensioenbij.nl https://pensioenbij.spservices.nl/ https://ucarecdn.com https://uploadcare.com https://assets.rekenmotor.nl https://firebasestorage.googleapis.com https://ssl.gstatic.com https://i.vimeocdn.com https://arclight.vimeo.com https://storage.googleapis.com https://europe-west1-pensioenbij-dev.cloudfunctions.net https://europe-west1-pensioenbij.cloudfunctions.net https://us-central1-soderberg-1c9f2.cloudfunctions.net; media-src 'self' blob:; connect-src 'self' ws: wss://*.firebasedatabase.app https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://*.firebaseio.com https://*.firebasedatabase.app https://firebasestorage.googleapis.com https://securetoken.googleapis.com https://identitytoolkit.googleapis.com https://www.googleapis.com https://api.rollbar.com https://uploadcare.com https://tlm.uploadcare.com https://ucarecdn.com https://upload.uploadcare.com https://ka-p.fontawesome.com https://europe-west1-pensioenbij.cloudfunctions.net https://europe-west1-pensioenbij-dev.cloudfunctions.net https://us-central1-soderberg-1c9f2.cloudfunctions.net https://api.openai.com https://pensioenbij-ai-service-514856867067.europe-west1.run.app https://pensioenbij-ai-service-589834615070.europe-west1.run.app https://pensioenbij-ai-service-732631674536.europe-west1.run.app; frame-ancestors 'self'; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://uploadcare.com https://ucarecdn.com https://*.firebasedatabase.app https://player.vimeo.com https://www.quizbij.nl https://test.quizbij.nl https://www.pensioenfeestje.nl; object-src 'none'; base-uri 'self';
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Strengthen CSP by removing 'unsafe-eval'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.pensioenbijmosadex.nl
21interiorstudio.in
howdens-test.3dcloud.io
api.agcs.akrobotix.com
www.allisone.me
berkyasar.info
bhavikpathak.in
link.bilalmasjid.co.uk
www.biryanibutterchicken.com
devcoin.bizanalyst.in
bramble-lang.org
bwtdev.eu
tde5.call1800messiah.de
www.cannabidiolecuador.com
www.caroleandcolt.com
www.chinmaysheth.dev
app.cinemaswipe.com
admin.staging.cityscour.app
www.rohitsuratekar.co.in
csworkpassreset.creatorofone.in
crowdalerts.net
auth.fox.cyberhaven.io
beta.cycal.jp
www.calllog.deltahr.pl
digidtech.in
www.discoverchironj.com
ebintech.in
emergencyprep.day
empowerconference.in
laposta2025-spbm-test.fany.lol
firestore-ui.com
www.fufuinlove.com
rus-tili.fulfiledu.uz
garybgenett.net
generalpower.co.nz
liveinventory.gofloaters.com
gofurtherconsulting.co.uk
share.helpsport.net
register.highkeystaff.com
www.humancloud.app
www.ikjunekim.net
www.jaguar-welding.com
jamianoor.in
nukim.jeanhumblot.dev
joyis.live
keppackersandmovers.in
lifeorganics.in
help.loxy-app.com
lukeandlizzy2023.ca
minicarbakker.nl
www.mujiconsulting.co.uk
www.notadining.com
pod.otwsg.com
pixelstudio.nl
prashantk.info
prsolucionsolar.com
questbio.in
www.randall.vg
www.researchdatahub.com
residencekrengolama.com
www.ruokaloki.fi
nodessldeploy.salehhammudeh.com
salonepettinemagico.com
samasama.space
schlagameista.com
ai-sense-data.signage.ninja
www.sleepybeeinteractive.com
www.smart-cot.com
smithcopperpipeclassaction.com
smms.ac
smoose.in
www.sqeezstudio.eu
suellenmengatto.com.br
app.summitstproperties.com
google.auth.suncyan.com
portal.sunpeakpower.com
dev.swegapp.com
tarunbajaj.com
portal.taxsarthi.com
teatroartist.com
teeqer.ru
patient.thecarepluz.com
loop-dashboard.theloomaproject.com
www.thevufamily.com
www.titansne.ws
tmhsorchestra.com
www.ton.surf
www.touchlessdevices.com
dlink.udharpay.com
droneadair.valari-dev.com
www.vikrambahl.com
votto.net
vuontritue.com
destaat-table.waiterpro.com
auth.app.warp.dev
wenittelabs.com
winzgold.com
bonze-pweb.dev.yoriso.com
app.zeca.ai
auth.zutobi.com
Other domains in certificate