Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=carlsonpe.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 05, 2025
Valid Until
January 03, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A7:16:0A:42:BF:C2:9A:BC:F5:F2:35:0A:F5:44:4A:92:88:90:AC:AE:5C:1F:96:D2:29:E5:2B:75:CB:EC:CC:97
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
custom-fit.davidprae.io
123abc.com
dev.ttconnect.28east.co.za
www.almeria.dev
aniplast.it
stock.apis.ar
kkomalab.artay.net
utter.audeering.com
avocadoxusa.com
events.beyondnetworking.ca
track.bigblue.co
blackriders.com.ar
broad.com.br
www.caata.in
www.canvaslabs.ai
carlsonpe.com
aiweo.chowagiken.co.jp
paradisepass.clau.io
www.cmaibeauty.com
www.cmcgdd.com
deeplink.adoc.co.kr
yeogiseo.co.kr
coachedbygj.com
highlandsranchherald.column.us
gcloud.com.my
www.bxm.com.sg
auth.concertory.com
www.cpln.cc
creatorsmap.com
wowza-orders.crispnow.com
daiauctions.com
tru.decervo.com
obi-5.dev-ltl-xpo.com
dosety.com
drmagesh.com
ecostay.us
elementsmediaworks.com
ellisongames.com
esta.nl
www.esthernoordergraaffotografie.nl
exicard.com
www.fantasygoldgh.com
cms.fox-club.by
www.freefreecell.net
aplicativo.gerensia.com.br
logos.go-fet.ch
goldencross.app
halaszadam.sk
www.huisvol.nl
tryapp.intechs.com.mx
business.invr.world
liveemea.invue-live.com
vc.jombay.com
www.justinireland.com
www.postenboek.katalysatorduravermeer.nl
kewriversidedevelopment.com
dev-api.labzenit.com
latouros.com
www.lemontree.fi
www.leveluptek.com
lingowise.app
mastersofdisinfo.com
meet.cam
michaelglueck.ca
home.michaelpeterhartmann.net
phone.mkpartners.com
se.mojoule.com
www.monotone.com
www.mors-immortalis.ca
mutsen.nl
mygoal.fit
netdreams.io
www.oceanservicegroup.online
www.openq.co
anebhi.orchestra4edu.com
www.phillduffy.com
app.pinc.business
www.popsto.re
www.prjmax.com
prodexis.com
www.rasep.fi
readycollect.solutions
salonerika.cz
singaporewhere.org
succulentcode.com
www.surshrutimusictherapy.in
www.thedennistechgroup.com
www.tmpr.co.jp
www.topotemps.com
auth.triplogmileage.com
www.tynispa.com
velasp.com
visionbeyond-staging.visionbeyond.app
voyayge.com
movix.vvek.dev
we-make.app
wescodes.tech
wod.tf
app.yopicare.com
zealluxe.in
Other domains in certificate