Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=williambanquier.ca
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 24, 2025
Valid Until
January 23, 2026
46 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3A:CF:F3:8C:6B:28:B7:15:70:5B:64:CC:13:16:B9:A6:9D:21:DF:F0:8D:39:3F:42:7B:D6:17:AB:C6:F1:C2:94
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
ajpyeventos.com
abhishekminz.com
rafflu-web-development.ack.ee
www.agrimensorgritti.com
www.altancare.com
www.avinyaautomation.com
www.avocadoxusa.com
manual.bayareapediatricsurgery.org
www.beratbarancevik.com
bienstartepremia.com
big-o.dev
d.bitaksi.com
boogiesoftware.fi
www.bookmyrefill.com
app.boomerang-hq.com
carxby.com
www.certificadodereciclagem.com.br
www.clipboardhistory.app
modelviewer.cmouse.app
app.driver.com.ph
www.proknit.com.tw
connekkt.io
dayzkillfeed.gg
dev.driverone.org
www.ejcenteno.dev
dev.cx.elementary-ai.com
entreprise-enveo.fr
fairylullaby.com
www.finalversion2.com
findmyfavourites.com
www.findmypath.org
fre-studios.com
cam-rsa-app.frt.vn
firebase.fugudev.online
site.globalcredit.ua
godfield.net
dentalfamily.grupoxalka.com
mebal.in-modesty.jp
app.inidify.se
www.insanewriters.org
wangkanai.intechvalue.com
app.justthankyou.com
www.katienuccio.com
koreantrack.com
dyor.kwailabs.com
legasint.com
class.littlerosepastry.com
www.lobelia.kr
www.lvatrade.com
www.mozexames.com
map.muravidek.re
old.futami.my.id
mobile-apps.mycarly.com
www.ndcrpf.org
nfltable.com
bench.noraylab.com
em.numerous.cloud
www.onewaydroptaxi.co
verkor.optel.app
ossrshipchandlers.com
www.plantdirty.com.au
truck.porterbob.com
chrome.portfoliolink.co.za
predictandwin.app
www.printingw.xyz
auth.proofup.com
www.rainydaysapp.com
www.requisita.app
www.ridehugo.com
www.savetheplanetgroup.org
soumayaerradi.it
sharedev.sparrowconnected.com
authtest.squadle.com
go.student-lt.tech
studiopigglepsicologia.com
suddenpeak.ch
wallet.syncme.com.au
tenntenn.dev
www.beheer.toegangsbon.nl
fire.toughlovearena.com
trafficinfuser.com
links.travel-stamp.com
www.trgtpool.com
triskil.com
tromboner.io
www.app.trune.io
digest.tryhabitual.com
tvlp.link
www.ucreferral.com
egnsarkiv.util.dk
www.vasanthamconstructions-cbe.in
www.veralink.io
veronica-bella.com
williambanquier.ca
woodworriesbuilderswales.co.uk
www.workpermitpro.com
www.wpinango.com
portal.wxeq.com.br
www.zahin.ca
www.zelandaescribe.com
Other domains in certificate