Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=ssalonpick.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 30, 2025
Valid Until
February 28, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
82:FA:58:84:3B:79:9E:78:72:78:D5:A2:81:AB:DA:F1:9C:FC:B4:AD:47:BB:C7:B6:33:EC:6E:2A:F6:AD:C5:FD
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
socialpostai.site
alamocrespo.info
amaya-sakana.com
sigma.caoschoonmaak.appdashboard.nl
aprendiendogolf.com.ar
as-siraat.com
asasushico.com
www.automastersat.com.br
ericka.axelink.fr
payment.ballasters.com
beastrounds.com
www.bethebest.ai
biotechquity.com
cbohrer.com
immobilien.clearenterprise.ch
clinicaevolutionkids.com.br
clinicasabra.com
trikaalyasolutions.co.in
app.harajfriday.com.sa
computerlove.io
cookpop.xyz
www.cookpop.xyz
admin.covid-pass.tech
app.coworkee.jp
creacionyvida.study
cryptee.app
login.dav-epic-playground.net
stream.deft.work
deksomboon.fi
www.deksomboon.fi
displaycenter.com.br
app.e-courier.us
stroke.e-onlineservice.com
inpactas.ufam.edu.br
attestportal.flexime.io
a0jb.foodle.su
footballu.com
fsjmobile.ca
sincomerciocatanduva.g2canal.com.br
hafiza.tires
www.hamingja.xyz
hilarymallar.com
app.nobreimoveis.imb.br
btjardim.impactwrap.com
www.islautopia.com
partner.kabam.app
surl.kid-ex.com
www.kpidon.com
www.kronara.com.br
cms.latinad.com
learnalgorithm.com
lequiz.app
lingvi.hu
www.lingvi.hu
lit-nightlife.com
editor.livetensor.com
logatotech.com
mahjongla.win
user.makeripples.nz
api.metafor.space
docentes.mision.education
mydub.site
print.mysodexo.app
www.newu.app
coach.nopanoga.app
www.nycclassical.com
blog.omarcarpinteyro.com
lca.openplastic.app
www.instzoom.org.br
www.passdr.com.br
www.pix.nl
pjbautoparts.com
calc.electrify.pp.ua
priblic.net
qhata.org
www.learning.quantadt.com
riotudo.com.br
sandybutler.co.uk
www.hosei.shitatekan.com
shreejitours.co.uk
link.smashapp.com.au
www.sow-med.com
app.spectra.top
ssalonpick.com
supersubs.uk
thelobby.surfpay.se
thumbnailgen.site
wahlen19.thunertagblatt.ch
thurios.co.jp
tinteggiaturatetti.it
www.tiotomate.com.br
trakkar.io
web.trakkar.io
trz.turnosweb.app
www.uniqenergy.app
deliveroo.untied.io
vibechecks.xyz
www.vitanovbiotech.com
app.wirwiegendeinpferd.de
admin.zagenzagen.nl
Other domains in certificate