Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=join.theshutter.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 30, 2025
Valid Until
January 28, 2026
79 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
41:C5:87:2C:2C:D5:56:56:F7:6F:9E:CD:C6:F3:4C:90:B2:E5:BD:54:A2:D9:59:F7:50:0E:AD:85:BA:8F:08:53
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
drarulrhajtrust.org
abequar.com.br
internal.amaiscloud.com
anagraph.io
applicazionisiba.it
arbooks.fr
atlasenduring.com
app.besoksregistrering.no
www.birthdayforacause.org
bmdesigner.com
www.borsetti.com
bortoni.net
brazpix.com.br
www.admin.bridge-app.de
bytez.io
dev.admin.careerbase.co
payonedigital.co.in
easypoint.com.ng
sakshyamaryal.com.np
www.define.ag
www.differenttouch.org
dev.digibaad.com
www.dublostudios.co.uk
codinos.easymaintenance.app
www.edden.app
www.edenscapedesign.com
elastycloud.com
www.freckle.hk
app.fremby.no
fromyoureyes.app
frontera-ics.com
api.genesis.game
www.fungrito.globalgarner.com
santaanita.gob.ar
goclean.co.nz
auth.gotobus.com
list.grobby.nl
www.guang-kai.com
www.hadi.zip
humanambulance.in
petesparts.infinitediscounts.com
manan.iterabledemo.com
japandawah.com
www.jogi.io
jyoticourier.com
www.kaars.no
www.kiadrummondville.com
lainee.org
mancation.casino
marscartel.com
app.microtask.one
mrgssystems.com
www.mrskeeto.com
murraymcauliffe.com
getyourdogwalking.mydogsday.com
www.nai-edu.it
www.nexad.services
ngscottage.com
nhrassociation.in
www.ninterdata.com
www.notaspampeanas.com.ar
www.onsitecrews.com
staging.app.openq.co
www.pebblehabits.com
www.pet-weight-chart.com
cal.pickadoc.de
dev.api.picky.recipes
thinkaloud.planosophy.info
www.pokinia.com
www.printercounters.com
assets.probiller.com
agent.queueoff.com
retired.re-ynd.com
lunarstudios.rosatocorp.com
app.aselagayan.run.place
runechualanh.com
saidrepair.com
saladjuris.com
context.samhowes.com
dashboard.dev.tablacasa.com
play.tappityapp.com
dispatch.taxibarby.dev
brookshuff.tcsappts.com
kaalachashma.thediners.in
admin.uat.theelefant.com
www.themelonssalad.com
theo-mecanique.com
join.theshutter.app
ca.tpnt.in
transportespantaco.com
triathlink.com
trikisconstruction.ca
pensacola-staging.trueomni.com
links.tunify.com
vanillachess.com
fb.wgroovy.com
wheregotfood.com
wroclawstudio.com
zalox.me
zeilmeer.nl
Other domains in certificate