SSL Certificate Analysis for app.arcury-location.com - Security Grade & TLS Configuration

Open Cached · just now

78/100 SECURITY SCORE

Certificate Information

Subject

CN=casstools.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

November 05, 2025

Valid Until

February 03, 2026 83 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

EB:AE:64:E6:E8:C0:47:09:77:AE:45:C0:9A:83:87:D9:2E:C5:34:ED:64:7B:51:69:F7:3B:D2:77:41:17:7F:3A

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Weak

require-trusted-types-for; report-uri; object-src; +3 more

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Present

ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Significantly strengthen CSP directives
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

app.arcury-location.com

Other domains in certificate

3-way.it

www.aamesbell.com

academyoflosing.org

ajarha.com

notes.as.mt

www.ayselady.com

azkhan.me

www.baconkingstudios.com

bagillt.net

bait-group.com

www.bizarreware.co.uk

casstools.com

ourapi.co.in

cpwrol.state.co.us

cogito.agency

www.concursopianouyu.com

terminal.contablio.com

continentalrecords.net

crescendogroups.com

crunchafrica.live

www.ddr-brustmann.at

pilot.deepblocks.com

andysweet16.deqoimagen.com

dharmakumala.com

dietwise.app

directlist.site

booking.easygolf.vn

www.stock.evergreengelateria.com

link.feelopus.com

www.fetanx.com

go.fullcharge.nl

videochat.gonuts.ai

grand-market.shop

grd.si

greentreepharma.com

www.grocsale.com

www.guitarapp.com

keepcoolforms.gymkee.io

www.hannaspricht.com

hindurhuchischool.in

homepaversconstruction.com

genki.honu-tortuga.net

howcanihelpui.com

dev-engage.idtapthat.us

incembrance.com

www.inovhy.com

www.investtech.pro

www.jahangirjadi.com

jswrakennus.fi

www.krypto.ro

topsecret.laplaceapps.com

leader.live

www.materuel.com

www.mediconindia.com

megawattelectricals.com

milestonesound.com

mytaskee.com

nealwadhwa.com

ypo.neoufitness.com

nuclea.id

auth.nuvibrainz.in

odjassamarket.com

plover.pt

www.prayer-sphere.com

app.pulproducts.com

events.readyforkindergartenidaho.org

rebel-ed.com

www.runpal.live

iron-dev.seramont.com

serve-robot.com

manuals.sewardpolice.us

www.shanthiaquatech.com

www.sharptools.io

sidelinehd.com

sitedela.eu

www.slodel.rs

www.smartdeck.poker

octopusenergy.speakylink.com

www.spiceodyssey.in

sprites.gg

www.sthiragita.com

madurai.supercabs.in

taloonstudio.com

www.app.tappityapp.com

app.trackkeep.com.br

childrenfirst.trustin.app

www.unsorbodecafe.com

useexponential.com

werkstatt2.velo.de

www.vempravida.com.br

veronicabvs.com

test-app.vitafyhealth.com

vulprasoft.com

weight-plate.co.uk