Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=saypopcorn.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 12, 2025
Valid Until
March 12, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F7:9B:F1:57:B1:E2:35:58:5B:17:96:6B:50:C9:FE:6D:D4:3B:34:B8:6F:F6:FD:AC:72:A8:AB:37:A0:B9:20:40
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
gemasegado.es
76n.dev
addisonredmond.com
agazagraba.com
aleksanderbodurri.com
asoredovisning.com
bakersnowandice.com
www.bellaandremy.com
heksenkring.betovert.me
s.bighit.fans
bios-pw.org
boostrr.online
www.campeya.com
chadgames.com
e.biruni.com.tr
admin-panel.costuratips.com
shop.csnk.hu
dartsoffury.com
www.davidsheinbeinportfolio.com
www.deltamusic.app
www.designtools.be
services.dlchub.io
portal.eaglebox.studio
www.education4earth.org
hub.beta.svc.eluv.io
www.ensinandobitcoin.com.br
console.ff-wyhl.de
www.fileside.app
gdj9.foodle.su
foujdar.dev
doc.sso.framelunch.com
friendmas.app
calendario.fudeat.com
cv.fulltechapp.com
www.fyndfit.com
gotta.website
www.grimerian.com
h2tecnologia.com
www.halflifeband.com
havusalmi.fi
klc.hemisphere.digital
imsurabhi.dev
institutoshinko.com.mx
invisiblehours.net
sorter.ivoy.app
magic-life-wheel.j7126.dev
kamilnow.com
khmervoiceapp.com
kinky-spice.com
link.kuenfu0130.com
lcassessor.app
www.likwi.com.br
links.news.mooney.agency
oreolabs.com
www.oreolabs.com
app-dev.origamiwash.com
sorteos.pagaloasi.com
dev.agente.poderegularizar.com.br
www.primtouch.com
nttsapp.prodeo-live.com
www.promptpolo.com
qrstories.fr
qta.capital
rancagua.digital
www.ransomweb.dev
app.rateinfo.xyz
redballcricketground.com
clients.rosov.co
tally.ryankingston.com
ryplz.com
www.s6industries.com
saypopcorn.com
norwich.scouthub.app
www.sergfurtak.com
www.slikscan.com
app.payroll.spreeloop.com
bcscrubadmin.sqwadhq.com
referral.startingfinance.app
stepup90.com
www.superiorcall.io
www.swissgermanapp.com
signification.syzygy.lol
www.targetshootingapp.com
tezene.app
www.theuntime.com
thewillfuldivide.com
www.tiutin.com
tmyanmar.com
firebase.torifuku-kaiou.app
app.townhallhq.com
tripleaaaplus.com
app.trvlr.co
turismofazio.tur.ar
admin-expo-congresoverde.uanl.mx
learn2.unrestrictedprovider.com
values-cards.com
vendorops.io
venturehiregroup.com
wherespace.app
auth.yeahscore.tv
Other domains in certificate