Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=punter.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 29, 2025
Valid Until
February 27, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FE:46:11:37:99:AC:8F:8E:17:55:E5:57:A6:9D:56:6D:12:90:EB:37:55:0D:CB:29:B6:FB:3E:89:9A:E8:4C:3F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
color.projects.danielchao.me
www.21sina.com
3d-map.ru
payment.telotengo.3dlinkweb.com
scarlets.addclarity.net
www.alasconsult.com.mx
www.albertogandara.com
usd.algos.app
staging.amplisend.com
liff.stg.anychat.tech
keepcalmgangnamstyle.apptget.com
awehmagents.co.za
baltel.com
www.bbhofvanheden.com
bkdroptaxi.com
www.budou-design.com
help.cambri.ai
www.catholicengineer.com
chammo.vn
clinicconnect.io
crowd.aimmo.co.kr
croatiayoga.com
www.curtisstaples.com
dfree-fb.dfree.io
doriri.com
admin.dreamkpay.com
moneymanners.easyapp.co
invite.easyfasting.co
crbdistribuidora.edsys.com.br
www.excellbrands.net
www.eyeballtech.in
fcitr-tracker.site
findeck.link
admin.fortunehomecare.com
guitarlessonsmiltonkeynes.com
harrymarwanto.com
admin.hgs.app
hsdcapital.fr
icqual.com
ifidie.app
oseuaplicativo.infinitifood.com.br
intidam.ma
www.invisible-factory.com
www.isocket.io
jacksonic.ca
jasonlovette.design
www.kidstartupbook.com
kirkyuan.com
knsey.com
koobiq.io
advent.ksgl.ch
www.laladrive.com.au
www.launchpadux.com
legacyvindecoded.com
www.letsforecast.com
beta.ligur.io
links.localfood-badwaldsee.de
lockbucket.com
macaosoftware.com
www.madeby.website
leagues.mahnuser.dev
marksandnumbers.com.br
collegeguru-ug.metis.club
www.michaelecon.com
molecolapizzeria.it
mvrefrigeracion.cl
mycar.sale
ginks.name.ng
neatnumbers.com.au
initiative.nyppo.com
oshanrasanjana.online
app.otimizadordeforcadevendas.com
api.panl.co
www.parttime.in
pratistudio.com
hopper.prb01.com
punter.io
www.reflexologybynatalie.com
docs.roboflow.ai
assets.stdwatch.com
stellarglobal.org
stage.strideq.com
suntec.hk
www.tamberine.org
www.techdisc.com
teco.technical-communication.net
tendie.land
www.tendie.land
shiurim.teo.ma
thegoat.dev
www.tibas.berlin
www.tiputech.ca
pay.tirekingdom.com
tisco.pro
www.tourney-maker.com
www.ukaysquared.shop
uniskool.net
fzdn.data.usp.center
app.vicunous.com
noho-app.yonoton.com
Other domains in certificate