Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.pressftopayrespects.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0C:EB:88:44:0C:36:36:9E:2D:32:54:D6:7B:10:D2:F9:E7:A9:20:1F:0D:A9:FB:C9:CF:DF:03:65:83:A4:59:00
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
magic.spaceslife.com
100kbphoto.com
hrm-kongfigurator-cert.3dcloud.io
hrm-kongfigurator-test.3dcloud.io
aiampdse.agivant.com
banijaytalent.fr
www.bci.lu
besweetomaha.com
www.bethgallagher.com
boquetetours.eu
borischrist.eu
wingman.braceyskyway.com
www.bring-out.net
www.buja101.com
burlingtongoatfactory.com
www.busica.jp
bykt.org
www.candileflame.com
www.citrulluspartners.com
sanopecado.clau.io
cloudsmartsharetech.cn
www.cloudsmartsharetech.cn
www.cmvinsuranceinspection.com
www.bev.co.ke
www.hongosbaires.com.uy
datos.cyou
app.dmfweb.com.br
estabelecimentos.dmfweb.com.br
auth.duelpack.com
admin.elguapobitters.com
eonify.ai
everytale.uk
fair-eats.com
vfa-miennam.fastvalue.vn
vnjp.fastvalue.vn
www.fermontlegacy.com
parlamento-de-la-inclusion.congresoqroo.gob.mx
anniv.hacomono.jp
harveymarshbaker.com
healthmapr.ai
www.heartseasecottage.com
highdesign.agency
www-cdc-test.idscloud.dev
bds-api-uat.itxi.aero
developer.jasig.org
www.jeesab.com
install.kanal.work
www.ksmhidraulica.com.br
lila.rent
www.loggikpos.online
links.manifoldrhythms.com
www.marcseiferle.com
metatext.io
mypolls.xyz
nastiazhyrnova.com
neuropulse.mx
firebase.passwordlastic.es
app.pauloguimaraes.com
l.pelavo.pl
www.pressftopayrespects.com
prismnotes.app
quickweb.click
desenv.quitapay.com
www.raulcapote.es
reelapproval.info
ae.roland.com
rxpic.online
siapco.mx
lists.skwai.com
slatechat.ai
space-time.tv
sqlfire.dev
stealthisoptional.com
code.supatest.ai
surfcampmiramar.com
bodacivilduquecisneros.swanmoments.lat
map.swoop.chat
taxiooty.com
taxsupportgroup.com
www.taxsupportgroup.com
temptraveler.com
thebuddypatch.com
themoken.com
theoptimumlabs.com
maven.thevrglab.com
app.tili.ai
www.toxickitty.app
trilok.info
home.tungnv.com
www.udux.com
unitryx.com
tronos.vinicius-goncalves.com
wasinv.com
www.wasinv.com
wasinv.es
en.weather-fit.com
whitecirclegroup.in
whitsaboutcha.com
www.wilkensonfrancois.com
zackkhan.com
Other domains in certificate