Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=building-integrity.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 21, 2025
Valid Until
March 21, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6E:D4:29:9F:C4:65:60:B3:E8:8F:B0:2E:B1:CB:06:4A:52:98:21:E2:D5:9A:01:5B:21:90:17:FE:56:84:73:5D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
jackclee.com
athinkingape.12traits.com
accurateanalytic.com
tmpschool.aimify.in
seevo.aky.sh
alefzero.eu
app-haus.com
auth.assetron.dev
backseatdungeonmasters.com
bahatihilda.com
www.benjebij.nl
bet2win.club
www.betternotes.app
www.bkmmanagementco.com
m.blaginki.com
www.borislavsabotinov.com
smartmoves.brainfitstudio.com
building-integrity.com
bytewises.com
www.carbonaut.app
www.challenged.app
sagarmathalab.com.np
manage.contemplate.life
app.cryptoornotcrypto.com
staging.ctrlxv.com
web-sporter-frontend.staging.pa-pgrk.delcom.nl
www.desmondhiew.com
diegocofre.com.ar
www.doorba.me
dbat.dugward.com
www.easyham.com
edden.app
edgeflow.com
f1rstservice.com
poesia.facundoleites.com.br
brainstorm.farefin.com
fariskapo.com
links.friendshoulder.com
www.gabgdev.com
research-database.qatar.georgetown.edu
www.getdottie.app
glumberland.com
www.got-hyperlinks.com
greenwoodholidaysresort.com
harindersales.com
www.hnadir.dev
hockeyclipz.com
hydro.tv
i-orc.com
ingles24.app
intratender.com
inventialab.com
www.investoedu.in
qdd-liff.itdd.app
jodimnotes.com
xev.kbi.works
lifealignmentlah.com
lk.sv
lolliprops.net
madrassatyoussef.com
admin.mharesseaclub.com
michaellaw.co.nz
mittartech.com
training.mjusmanict.com
www.modu.co.za
mogpodgaming.com
muskegonenergy.com
cdn.nikpevnev.com
nobel-iq.com
offgridoverland.co.za
www.offgridoverland.co.za
dashboard.onima.co
petsitterprofiles.com
piczen.co
app.pocketestimation.com
pradaxinaseetha.com
www.prop.mn
prothek.com
gestor.publinet.cl
pudgypuzzles.com
pwdfs.com
qrgroup.ch
www.rabiroshan.com
www.ramasse.ca
www.ramtin.cc
roastingapps.com
roobotics.com.au
saraluk.com
sft-emails.smudge.dev
ucm.sowl.to
sydetasker.com
www.tonhozi.com
dashboard.tourbutler.app
triunfo11.com
www.utilsens.com
vislect.com
deputado.votei.app
wordleextreme.com
yasser159.com
zoobi.me
Other domains in certificate