Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.tokendonuts.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 04, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D3:70:AC:B9:DF:5E:4F:8A:EF:26:66:C3:63:8E:06:D1:12:FC:E2:1B:63:44:B4:1E:93:91:5F:03:07:36:D3:85
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.stainless-kitchenware.com
2013.bloggi.es
portfolio.acrux.jp
www.affiliateritual.com
aliyaanzbh.xyz
www.anglero.kr
aptinnov.in
www.audivision.in
brick4u.org
invest.bridgingmedical.com
bringbright.com
links.bunny.money
aegle.consolidata.one
demo.coursebooku.com
www.dartagnanguedes.com.br
deery.link
www.depot-tracker.com
pnd-5.dev-ltl-xpo.com
dfarquharson.com
admin.easytap.co
www.ebusaka.com
preview.eccjan.com
encypherstudio.com
cp.enl.kr
environmentalimpactassistant.com
beta.everywork.co
www.facil-factura.com
www.fausware.com
home.fiittt.com
www.catalog.flowy.be
www.frostmartin.com
www.funframesbooth.com
www.girishtaware.com
citizenscharter.gov.ph
greenstoneresorts.com
guessmonster.com
ikihike.com
inventarix.com
ixuniversal.co.uk
jbryan.org
warranty.jdbatx.com
jiahui-and-sinsian.com
deadlinez.jonbantayjr.com
www.kujeera.com
lccouriers.com
letsreto.com
avc.lorenz-graf.com
magik.studio
kohlipe2sales.mapleworkspace.com
mathquizily.dk
auth.maven.com
link.mcshop.com
mickey.li
mindin.in
www.mindin.in
www.mtctuition.co.uk
defi.neio.network
opt.optimist.net.ua
nishantpanwar.in
noctisbellator.com
nowzapp.com
composer.nzsapps.com
app.oddflex.com
mvp-redux.offerdox.com
admin.oiwaikin.com
www.oklahomacasa.org
nicholasterrazas.ontolabs.com
orchecklist.com
motto.panforyou.com
whatsapp-clone.parkadze.com
parliamentadmin.com
bantru.pathway.vn
philipgerke.com
v2.pixereum.io
auth.planto.hk
instructores.predyc.com
progressioncv.com
qflit.com
www.raioxnegocio.com.br
realtydigitals.com
www.religionportal.net
www.rent309kelly.com
savelyapp.com
scworks.nl
sharemystory.us
www.shellbright.com
www.showbook.com.au
singinglessonsaberdeen.co.uk
snipnshipja.com
live-chat-auth.socialsignin.net
surshrutimusictherapy.in
tamilsongslyrics123.com
beta.doc.tartansoft.com
conceptionbay.tcsappts.com
www.tokendonuts.com
www.tradeupcycling.co.za
asisteseguro.uanl.mx
ugdeveloper.in
vrcenter-009.vrplus.info
www.xtoearnings.com
Other domains in certificate