Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=www.fixmerchant.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
April 19, 2026
Valid Until
July 18, 2026
81 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F3:B5:70:4B:67:CB:02:58:33:FD:6F:D8:EC:A7:48:F5:17:69:A1:12:0A:99:9A:32:B7:56:2A:53:74:EC:5B:AD
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
prepp.tech
aanaltrading.in
advogadoeficiente.com.br
agoinnovations.in
amplify.hu
cadastro.arco.org.br
arkadiuszdatka.dev
ashik.bhata.in
www.bluesoar.com
blushvault.in
www.blushvault.in
noms.brandonkoh.dev
www.canalstreet.se
www.carlosho.es
portal.cattle-pulse.com
clarkstevenson.co.uk
amazon.deshpande.page
diplomska.mk
admin.diucampusschedule.app
heechan.edcan.kr
www.fixmerchant.com
getbizzie.io
getdiscountliquor.com
getshitdone.now
karte.gla.jp
tix.gobo.show
www.goeasyfigures.com
inside.heezenbedrijven.nl
m.holdstation.com
placeholder.hsjossan.com
www.ibisco.net
immo-max-aicher.app
www.instanthipno.com
itanifinancialgroup.com
kafkademo.itssumitsingh.com
kebabhouse.jiricech2059.com
www.journeythroughlens.com
kanjiapocalypse.com
kelle.dk
www.admin.kiwia.com.ar
kylejennings.net
lenormandapp.com
api.libretto.io
lifetextilebd.com
sandbox.mastekengineering.com
www.mc-autoglass.com
ekiatsu.mieruka.online
nailthatcoin.com
neblarvoice.com
www.nexaweb.ca
nubes-bridge.com
openapptools.com
ounc.in
www.pacfordia.com
tickets.padamlagan.com
ayr.planacan.io
podcastthedemonsout.com
www.qrite.app
ramiroscerra.com
vorschau.raumcloud.com
login1.read-pro.com
static.rechargemobile.ci
app.reiroid.com
www.relayinfotech.com
takeout.rokubungi.jp
www.rprashanth.com
portal.rudracrackers.com
hmglite.saudevianet.com.br
scooterlayur.com
blackpool.scouthub.app
www.seabridgeroofing.com
plus.shoppercaddie.com
shreyanadkarni.com
new-backoffice.skooldio.com
dev.specialt.co.za
spheon.xyz
www.spirepos.com
store-lease.com
sugarplum-cafe.com
conference.swing.be
techzypher.com
nl.testla.nl
testme.gg
admin.theelefant.com
www.thelesbianproject.net
theonepage.co.za
dev.tivazo.com
www.trashsort.com
vantoo.space
veterinaria-jalisco.com
app.vgo.com.ar
virohana.co.in
www.virohana.co.in
vplansai.site
www.wennax.com
windowsfile.me
wisense.my
cinemacity.yesmkt.com
yuancheng.li
www.zambesc-oricand.com
Other domains in certificate