Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=burningmanfilm.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 12, 2025
Valid Until
January 10, 2026
50 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
84:06:97:74:C0:9F:F1:35:1F:B4:18:6C:79:B7:3F:18:FA:B6:8C:48:3F:1A:87:C8:7E:A3:14:D2:9B:E1:25:77
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
itdogtics.com
2015.eazeup.com
go.gina.aimpact.ai
dev.alexandre-paradis.com
aotak.me
www.apholtra.ch
trazz.app.br
taurus.appshare.com.br
www.averk.net
ballsin.uk
otodeger.batioto.com
battlestar.fr
www.bolsafy.com
burningmanfilm.com
cadule.com
www.cbcaa.org
www.colmena.us
srijesh.com.np
cto-on-demand.fr
www.dmcplumbing.ca
www.dpxp.io
www.dunorteacai.com.br
shemsperambra.edu.in
staging.cms.expectful.com
pusc.findmeaningfulwork.com
auth.flatfrog.com
formmate.io
dev.grfn.io
app.headlyne.ai
learn.itclub.ro
itmarket.mn
jdchoi.com
jmcharbonneau.com
www.jobeez.app
www.jonscannell.com
josiahbuxton.com
yaoshixianyuan.junyijiake.website
keraprofessional.com
koiketakayuki.dev
lifecontrol.uz
data.liquidx.net
lnxcy.com
localenlp.com
massbook.co
www.mastery-for.com
vue.maxentwickler.site
meetbabymunnerley.com
megaozon.com.br
metability.io
www.mmmumbai.com
mochaclass.com
www.mylahorikitchen.com
nationalpng.com
www.natmegy.com
neulink.cloud
newvrajsign.com
next-up.in
www.njzclub.com
beehive.oberbics.at
app.ohmassistant.com
www.one8right.com
development.oneselect.global
testapp.onlinewatt.com
bank.ontheroadlending.org
dev.demo.optis.ai
ortiz-construction.com
paglamart.com
appdev.paycloudafrica.com
demo.inshape.pbj.live
rinkeby.v2.pixereum.io
lpny-0917.porcupine.live
mms.processshop.com
www.programmingpablo.com
radsconsult.com
randomwalkingapp.com
www.rappisuper.com
checkin.remotesocial.io
renner.at
www.resquash.com
sahakar-group.com
www.live.sascargo.com
app.staging.scriptarnica.com
www.sevkel.com
shoosoku.com
www.shyftsystems.com
soshogames.com
soumission-avantageuse.ca
www.sparklebeard.net
features.spatialthink.com
squadrew.com.br
tahercorp.com
tennisscoresheet.com
terennirehabilitace.info
www.trinique.in
tracking.vamdo.de
virginiasquarecondo.com
app.vision2watch.com.au
dev.vpacs.net
www.webline.ee
xorcare.ru
Other domains in certificate