Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=syringapadel.co.za
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 24, 2025
Valid Until
February 22, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F6:DA:B1:72:FF:17:BC:23:23:86:17:3B:6B:CF:4E:91:50:DB:0F:42:C4:CA:85:61:F7:0C:B2:6E:E2:60:E9:22
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
comodoca.com
digicert.com
; cansignhttpexchanges=yes
globalsign.com
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
sectigo.com
ssl.com
Wildcard CAs
globalsign.com
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
sectigo.com
ssl.com
comodoca.com
digicert.com
; cansignhttpexchanges=yes
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 7 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
ashparx.com
acubytes.com
agatha.se
ambreon.com
anontopicchat.xyz
www.asociaciondemujeres3c.com
fitness.avmsistemas.net
bazaarlive.uk
www.bingeblue.cz
www.jayasakti.biz.id
botbistro.ru
investor.caplia.ai
caribaa.shop
casper.cashwerk.io
app.dev.casus.ch
ecom.cbdigital.tech
chabyvevien.store
app-stage.cheraghbargh.app
test.getgoing.co.id
www.baic.co.il
company.breathings.co.kr
soma.kpr.co.kr
www.autowindshields.com.my
combat-lab.com
www.datadesigntools.com
davidputneydesign.com
rcjn.ddns.net
sharkfin.ddns.net
beta.digitaledgetech.in
distractionhq.com
doceniamy.com
www.doceniamy.com
dontgetwolfed.com
www.easyhomes.ph
gelatomaster.eid.cl
upspree-admin.enkept.com
upspree.enkept.com
www.escribanamenezes.com
esend.tech
fassiconsulting.us
flow-digital.nl
a0h2.foodle.su
frequency.nyc
www.frozenphoenix.com.au
mta-sts.gaacc.co
mta-sts.gaacc.com
genie-works.com
bowl.haydenjeune.dev
match.healifystore.com
iamjenjohns.com
itsamatch.com.br
justinponzo.me
justred.io
www.karolyikinga.hu
kivee.app
testnet.lila.rent
luckchess.com
magalifps.com
app.marakish.org
jeux.marmelade.io
mauroclasesdemanejo.site
flows.michalroman.cz
microlabs.dev
mohaglobally.space
thessa.nextpak.org
nioloans.com
www.udlejning.norsepm.dk
novaimport.dk
devsjef.pantes.no
dochazka.pavel-marek.cz
pnconstruction.lk
wales.poweringtogether.com
betpoints.prestigeclub.vip
www.psilarissamiranda.com.br
quervaler.com.br
resumedart.in
app.savanna.studio
shipnest.live
app.sourcesync.my
stacxmarketing.com
www.stillsisrael.com
stoicregear.shop
bundler.studyq.lk
syringapadel.co.za
games.teamprove.de
www.termiite.co.za
thetrithreadcast.com
tokenmesa.com
www.tokenmesa.com
information.tokimane.jp
admin.upmentorx.com
valore-hatagaya.com
verificarnumero.com
vietspeaks.com
vojtechstefek.eu
whatinthesamhill.dev
whenworksfor.us
willandsons.com
apoiador.yupistudios.com
cizor.zynor.com.br
Other domains in certificate