Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=public.spaq.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 02, 2025
Valid Until
March 02, 2026
79 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4D:12:84:51:A0:7F:BA:50:4A:9C:EA:F8:0D:3B:B0:90:5C:C5:29:50:65:DB:BE:F5:CB:C9:5B:85:88:5F:85:38
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
ceocrm.cajalosandes.cl
my.3past7.de
solo.4ebf.de
admitme.fyi
aegeri-citybarbershop.ch
www.amazinglearningcenterllc.com
arapcontadores.mx
scrumpoker.avanti.dev
averyscuttingedge.com
biket.org
www.bitopankalita.com
biyyik.com
breaker-breaker.app
bywood.pl
www.castells.app
www.chattycat.fr
isp.staging.admin.convercus.io
app.cotreat.com.au
d-genesis-stats.com
qa.decisionhub.org
deeniyatshop.deeniyat.com
sales-ops-i.dev-ltl-xpo.com
parcelafacil.dillianzbank.com.br
www.dreamcoder.tech
www.entertainingminds.co.uk
fc-la-filiere.fr
findme.movie
frag-mal-den-papa.de
www.genuus.com
app.gfc.io
address.gitdata.ru
gourmetplanet.in
www.greendroptaxi.in
www.ondernemers.groenebon.nl
www.gymratsnft.club
harpandsheena.com
chat.healthspaces.io
rpcclient-javadoc.hertsstack.org
sm.hotekan.com
www.instanttea.com
www.iranshahr.de
iuwe.in
nacionalsaude.hml.portalcliente.izii.io
jtc-kaitori.jp
www.kamilacakesllc.com
kerguelen.in
auth.app.kincode.net
auth.larnii.com
www.lemonpa.com
life-inharmony.com
luckert.xyz
play.qa.luckygold.fish
mateuszkapala.eu
mcrni.app
www.menofcourageinternational.org
condomina.mewo.es
portal.midiamarketingtecno.com.br
mizorameconomicassociation.com
pregnancy-dev-qa.mobi.garden
moveartgyogytorna.hu
nerdside.it
nufeed.id
id.pdfsnake.app
poporoya.pedidomovil.es
mailzone-app.prod.phnx.review
pixelogic.app
lovers-in-r.pochittoo.com
presnt.in
pubsigns.info
web.qrkey.in
reinforce.me
npc.rewiretech.com
admin.robertvandenborn.nl
secondsense.club
sentencesplitter.com
seraphs.in
www.sied.online
www.simatomic.com
service.sjmediagroup.com.au
smallpinefarm.com
public.spaq.com
ramq.spaq.com
app-delicia.stailer.jp
synergysportop.com.ar
taumat.tech
thelastrockstars-goods.com
bookme.timebkr.com
tjm650.net
donate.tmpny.org
tnprintworks.com
www.vnilab.com
vocabuild.com.au
amongchat.walkietalkie.live
watheeqcard.com
www.weberworx.com
www.williamgraymusic.com
xqst.cc
yardhostle.com
www.zenmindgames.com
www.zenreki.finance
Other domains in certificate