Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=blog.dparrish.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 23, 2025
Valid Until
January 22, 2026
72 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3B:E8:2E:ED:90:7F:5F:3F:5A:CE:28:2D:FE:DD:B3:82:55:6B:5D:7D:60:26:BE:76:EE:0A:63:C0:24:20:5B:4C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
letterstokatie.com
2121.htet.info
dudu.ap1.com.br
www.app-deco-oea.org
appi.day
approveit.app
asksophia.app
backgroundstudio.app
app.banderolka.support
app.beta-integral.com
betternotes.app
game.bluefieldsdev.com
sound.boardrunners.com
www.boatbase.io
app.box2box.io
www.caribbeanlodge.org
moonboi.chan.gallery
tomcat.chrislauer.net
app.citypackapp.com
ci-employer.cnect.jobs
www.corinne-robichon.fr
couplefriends.app
geo.datum.ph
www.denkmal.org
doof.app
blog.dparrish.com
eventservice.in
fire.getfilta.com
app2-link.gipl.io
try.goksel.me
blog.halkin.dev
oa.hanlin-its.com
dev.inquery.hulic-agency.com
app.humblpay.com
divido.huvber.me
www.ikeytechnologies.com
illumined.net
inocuject.com
ivanalvarez.events
jamesjwarren.com
jimdgeiser.com
www.julianaribeiroimoveis.com.br
kaffeekraft.ch
salesforce.konverse.ai
portfolio.kvin.dev
lahainadojo.com
lekske.be
www.lemhand.com
www.liamhorne.com
livestreamvoortheaters.nl
tables.loganandnova.wedding
cds.testing.lzr.dev
medicaltime.org
www.mesaital.com
staging.mettle-studio.co.uk
minhhuyltd.com
mitta.me
hindcraft.mrhdumpty.xyz
baharirezha.my.id
myheadhurts.app
www.neofinitive.in
netunoapp.com
demo.notforme.org
beta.oceanlog.app
beta-bis-api-service.ordersify.com
www.paisacontroller.in
pakkapino.fi
www.beta.perfectzero168.com
www.photoradarapp.com
poopinfo.com
psychotherapie-maier.com
politica.quierounfiao.com
app.radia.io
panel.dev.rallygo.eu
rastroverde.com.br
royaltyfreestudios.com
scottcrichtonlaw.com
www.selfmadeacademy.se
www.sethia.dev
skillscore.skooldio.com
skpsdmv.org
office.solongo.app
sophis.ch
sports-map.com
careers.sssmediacentre.org
stemhub.online
www.stringbits.com
log-viewer.surveyaan.com
www.suzannemcgoeymd.org
takanoshota.biz
www.tbrag.com
stroef.teameindhoven.nl
tipsyterror.rip
www.topclusters.io
www.trainme.com.br
www.unviajeenburbuja.com
unyooon.com
www.whataremydevsdoing.com
store.wrkout.com
dashboard.wumbox.com
Other domains in certificate