Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.paperbackmag.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E0:DF:39:19:BD:4D:1B:34:BE:47:69:41:1D:DD:2E:94:30:DA:C0:99:D4:9B:8E:95:51:96:3F:95:70:29:3F:AC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
link.luffa.im
www.aarlet.com
abp-talents.fr
pbec.acuteplus.app
hub.alcedo.ro
www.amd-japan-lp.com
www.animate.me
awestats.com
www.backend.engineer
share.bellex.in
bellme.xyz
vendedores.bits.ec
bnk.club
bonpos.es
inventory.boroughlasikcenter.com
connect.test.campable.com
link-mdobeeldbellen.caresharing.com
auth.chessexpert.io
chopchop.gg
mobile.clickers-team.com
www.thermo-express.co.il
www.pnca.co.in
xcall.xhub.com.vn
student.dena.com
dorian.cc
d1-nps.dpd.co.uk
q3-track.dpd.co.uk
edu-design.ca
www.equiposemmi.com.mx
trackingapp-chl.esports.cz
firma.xignux.firmadigital.com
devfest19.gdgstrasbourg.fr
www.getintouchapp.com
www.getpayify.app
colorb.grevling.dev
www.grskohima.com
www.haizelai.com
henryforce.com
highlightsnft.com
highlow-demo.com
www.hypotec-lo-campus.com
www.intechbit.com
www.connect.ivantruong.com
ivfsudha.com
link.jbeventservices.com
www.joelandtanya.com
android.jundu.net
ar.justwater.com
kadurawebservices.com
khoakiro.com
dev.app.kit.fit
lucite-spirit-of-colours.com
acaidera.lupi.delivery
magnamardika.com
reception-outils.marieblachere.fr
martavisparker.com
test.portal.mayasystems.co.za
bootcamp3.meddialogue.eu
metasystem.life
bap.mewj.co.uk
mooimakerijanemoon.be
myelomacrowd.org
needsdone.app
connected.nextcall.xyz
www.nmerz.com
rybelsus.nn-connect.com
olli.au
unifcv.orchestra4edu.com
pizzahutsg.order.place
ordomatik.com
www.paperbackmag.com
pastpanic.com
careers.pattyslaps.com
prayertime.pro
www.va.querypro.io
reactnative-matsuri.com
personalmate.rodrigopequeno.dev
www.roundsfriends.info
id.russ.es
docs.salona.org
my.shoprocketapp.com
skyolite.com
smart-cities.nrw
pts-contracting.spark-staging.dev
starkaresultat.se
dev.storium.jp
storytellingar.com
chopo-aperturas.supervisor.center
android-support.swiprize.app
ios-support.swiprize.app
tatilgunleri.com
www.thesedays.band
www.tylerhendrickson.me
www.unleashedrunning.com
www.urbanklozet.com
arianee.vacheron-constantin.com
vailsexhaleco.com
www.vivianogesben.dk
dashboard.websays.com
puffpuffvape.yuze.uk
Other domains in certificate