Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=type.papermill.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 19, 2025
Valid Until
March 19, 2026
83 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
72:4B:C4:AE:80:F2:18:A2:78:FA:B4:A5:82:3B:65:4B:97:CA:8A:9E:27:A8:D4:6D:A2:43:39:5D:E5:DE:5F:AA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-ZBLC-KRPWui8Ju6Zf48WmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.phrasista.com
peopletogo.3diq.com
ecommerce.aethersol.dev
www.aidanhackett.com
www.amanatkg.com
call-center.ambedo.io
angien.com
docs.arthachain.com
www.asiproduceparaguay.com
blog.atlasemporium.com
link.tradem.avidi.tech
www.bashasnaturals.com
bouquetdepatates.fr
brightlings.ca
buddy.education
sureremit.merchants.busha.co
devtools.bytebunny.org
chrislane.com.au
www.cidssrilanka.com
www.claimitcorp.com
www.brightpathfoundation.co.in
qr.cometelapp.es
book.computales.com
app.cofan.coop.py
d4aa.ch
market-trial-proposal.datatruestory.com
www.davidphotosub.com
api.degendogs.club
designsnack.ch
www.dmscreener.dmtrading.fr
dogestudios.com
equilibrium.app
etherscapegame.com
link.local.evolist.app
l.expotelaviv.com
admin-dev.figgoapp.com
app.filfull.com
www.fitforce2.com
flipstorm.co
www.footballdelivered.com
app.getsajdah.com
gianmariagniuli.com
gudogames.com
civics.gyandip.com
app.icedragonboat.ca
measure.ivalyu.live
karlol.com
www.khalilghanem.me
firebase.pkg.knekt.io
www.koreantrack.com
ab-agency.kreatewebsites.com
kutayacar.com
app.lantsea.com
laughstruck.com
lempi.de
links.livsstilsverktyget.se
www.lonian.ca
app.lugus.digital
mamys.be
mapitdone.com
marketfreshonline.com
www.minismart.in
moondreamreality.com
www.morokwood.com
mrmovie.mrizki.com
app.myneurodiscovery.com
myneurodiscovery.com
www.myneurodiscovery.com
portal.nextknowledge.ca
www.ngphotostudios.com
nouman.com
demo.openreply.app
dev.links.opnte.ch
console-admin.osok.fr
type.papermill.io
www.parkur.global
petrovicz.com
www.pushups.no
q8hotel.biz
admin-panel-staging.qlub.cloud
www.qrange.in
operations.reachmobile.com
rent4up.com
rewhite-climbing.com
rlcsle.com
romanciqmatch.com
www.ryanbeardfilm.com
schedulekeyapp.com
shelf.city
rms-survey.suitefeedback.com
partner.supergenerous.co.nz
surfeus.com
tenne.co.jp
traq.au
trimworksmt.com
useless-corp.fr
sacre-tech.vmathieu.dev
portal.weddingjourney.in
www.widelight.studio
zach-vincent.com
Other domains in certificate