Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.pasturepigssystem.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
53 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AB:EA:B3:B4:98:F2:06:D2:A5:C6:17:57:80:D9:2B:96:43:50:14:B5:E1:E7:A8:2B:E0:6F:0E:6E:67:C7:2D:76
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
bluestinger.org
map.2ok.kr
7vowss.com
advisory.aider.ai
alistairchitambo.dev
asyncplanet.com
ave2avepps.com
www.bazaar-egy.com
www.burtonalgorithms.com
www.byb.com.ar
bytemeandramit.com
candkcarrental.com
go.ciandx.com
circleeduventures.com
chocomint-admin.coders-x.com
codypeters.dev
consus-mtech-app.de
coolpress.com
ts.hawkeye.dev5s.com
doctor.dn2me.com
cardano.dreamwave.live
admin.navigos.eisqr.com
energyhealingjewellery.com
alpha-videomark.ezcast.com
famemadesense.com
flipside-games.com
gdk5.foodle.su
score.foranglers.co.za
painel.fretemais.com
www.getyoursnackon.com
goeastllc.com
gomil.es
gratavid.me
grelhaepanela.com
www.guitarlessonsportsmouth.com
gymsplat.com
healthsonspharma.com
terapiasluchu.iapps.pl
viettien55.id.vn
auth.ieltsnavigator.com
catalogo.imersys.com
payment.inter.mx
interclubgreece.com
indiamgmt.iolite.software
isthatok.net
janardhanpulivarthi.com
jimmyleta.com
timetactic.josephyaduvanshi.dev
www.juanjodev.com
link.karacsonygergely.hu
www.karst.dev
www.lacholita.com.mx
stage.zena.guest.lasoxp.com
dev.checkin.leaderland.academy
register.learndot.online
lifetechapps.info
app.luitfanclub.com
magictradingpost.com
mailandguardianonline.com
radiology.medisureonline.com
minimumviablepython.com
mtrackerpro.com
auth.mwakili.com
devices.mybeakbox.com
nashvillesites.com
netgrids.com
startcup.newonce.net
eleicoes-oab-app-hml.oab-sp.com.br
app.onlinewisp.net
pabloanaya.com
www.pasturepigssystem.com
paulhighum.com
www.pedromichel.com
www.piatto.com.au
parallax.pirochta.com
sso.platoon.fm
pondslakesandaquascapes.co.uk
enquiries.provincialeducation.co.nz
pubstats.dev
www.pullingteethpodcast.com
auth.mssp.qush.com
raashishah.com
raynorreunion.com
demos-clientes.redlineuw.com
reservesmanager.com
pos.restoplus.com
rikupunkka-cv.com
api.beta.roadbotics.com
runejs.net
sewakunj.com
seller.shopiebazar.com
nespresso.sky-boy.com
taitarestaurante.es
cabs.sec-test.tcat.app
console.thingware.net
eunicesolucoes.minhacentral.trausedu.com.br
path.tundrainsights.com
ubives.com
webshop.volksvreugd.be
app.we.shop
Other domains in certificate