Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.pinefog.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 05, 2026
50 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
96:B7:9B:07:10:F8:56:B6:92:F1:94:CB:B0:AE:04:34:AF:EC:5D:64:0D:CD:E1:10:A0:4E:E9:A0:BE:44:AF:11
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
kprappcompile.com
my.adeptly.ai
aespinoza.me
aflexfitness.com
algolab.uk
app.allynscafe.com
admin.arcadiamedical.co.uk
arnaudjalbert.com
artisse.us
asvanu.lk
worldentertainment.axel-order.com
pdfextract.balajuluri.com
beard.ink
bhavinraval.com
f5c.bioinf.science
www.caitlinks.com
capemaybagel.com
capt.us
catfarmcrypto.com
www.cattleapp.co.za
portal.chaserhq.com
www.chiayifilmstudio.com
www.classy.menu
instore-test.clienteller.com
control.cmorider.com
cinegram.co.film
rec.ethosia.co.il
play.cotuongoffline.com
cremona.in
cryptle.xyz
ext-web-admin-i.dev-ltl-xpo.com
mesa.dmfweb.com.br
www.dpfxpress.co.uk
drmorgan.org
deweb.eosnation.io
stg.assessment.faura.us
inhouse.fynedental.net
www.ganeshtapodham.com
garnerupc.org
www.gdgwarsaw.pl
hrcpofficial.org
i-studio.io
imageclipboard.com
inhousechef.org
innofyre.net
instabear.app
staging.jampad.app
www.jumpsy.io
justnews.es
www.kfltech.co.uk
testinvest.landex.ai
letsmakeloot.com
ventasagentes.mediaccess.com.mx
www.mediaxis.jp
app.my-digital.menu
staging.myfiona.com
www.neonboard.ca
newlife-sakae.com
nobioffers.com
www.nubile.sexy
app.nyfty.ai
www.opencubelabs.com
livecau.outgrow.website
www.peppsoakdale.com
app-dev.photoshoot.ai
www.pinefog.com
www.protus.ai
puzzlehealthcare.com
app.quicta.io
link.realmadridplay.com
www.sabriumut.com
salon-urska.si
summer.sheltonacademyschools.com
icarus-talent-sim.shigureaya.me
shwaasayoga.org
design.sindre.io
dashboard.test.skipr.ninja
encoder.skrub.dev
slfemp.net
ucl.portal.splendo.health
events.stmary-rehab.com
www.summon.tech
superfim.us
beta.swingwizard.ai
tangiblebytes.co.uk
www.tastaban.net
www.tasteindiancuisine.com
thedigi.app
app.thepassbyavc.com.au
www.thesmilesurvey.com
admin.tintlaunch.com
development.toco.id
trackstars.se
auth.tradomate.one
dev.deals.trytaste.app
www.unitworkers.com
www.waitedco.com
wewod.app
admin.wodenevents.com
www.wonder.games
Other domains in certificate