Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=andreaskurz.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 13, 2025
Valid Until
January 11, 2026
40 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A1:58:B3:E0:D0:4E:9D:22:FF:FE:A8:27:93:70:06:D7:81:DD:32:9D:BB:02:68:AA:FC:C9:88:15:A1:AA:20:1C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.tamayodevelop.com
api.aclymate.com
dev.afr.academy
airsmat.com
andreaskurz.io
shows.aponi.sk
aranjbar.me
arquitetura.art.br
app.asez.ai
www.aviliusconsultancy.com
opioidservicelocator.azahcccs.gov
beespilot.app
bentogrids.nl
betteresg.dk
admin-dev.bildit.co
www.bonga.to
www.briefly.app
cardappiodigital.com.br
pphe.checkin.website
sauber.com.ec
convene-now.cpptl.co
davidhodge.dev
www.density.so
dont-scan.me
edmusicateachers.com
staging.feety.app
fevfans.jp
forspec.co.jp
generative-ai.company
www.getthezone.app
www.gofieldguide.app
gradewireacademichelp.online
www.gridshark.app
devtest.grupa.io
intranet.gsc.app
auth-dev.iliad.ai
infoglobal.info
inkognito.store
hwadmin.intelibuy.my
admin.istiqlalhouston.org
devadmin.istiqlalhouston.org
free.kikagaku.ai
kilinc.blog
users.konex.app
knoxrestart.ksec.cl
ab.lex.mk
www.lihhatsov.com
realms.lordos.tech
madamcurious.com
mavacoldbeverages.in
www.melhormarcade.com.br
app.menfasting.one
detailz.menucloud.ai
www.mismatch.app
dlcn.myassociation.app
www.mycancerandketo.com
beta.nahaus.de
app.neurowaste.com
ispicethai.nextorder.com.au
the-leaf.nextorder.com.au
www.nextorder.com.au
orderr.in
pelositracker.app
www.pinnacleadvisory.co.za
myintmo.pitiplus.app
www.porinyhasunnot.fi
primeprive.pro
www.q-fit.app
queuee.dev
auth.quizbrisk.com
whitebox.rabot.us
stage.react-tutorial.app
rebalancenow.org
rielpharma.com
sense-photo.space
kaduna.sentinel.ng
www.simsouls.com
somosprotagonistas.com.ar
staging-rewrite.somosprotagonistas.com.ar
corsi.sottotesi.it
stamina-technology.com
www.stellarmobi.com
www.taleandstitch.store
theicon.app
thenerdsocial.org
art.theorygenerator.com
psychodynamic.theorygenerator.com
event.reg-test.tixologi.com
admin.todaysmenufoodtruck.com
totree.co
www.toxicitytribute.be
app.tragwerk.group
sophomore-transfer.nursing.umich.edu
videiracentral.com
workforages.com
www.xcoin.co.jp
franexpo.xpresslane.in
xstragard.com
game.yathit.com
youfirst.agency
Other domains in certificate