Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=placescraper.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 29, 2025
Valid Until
January 27, 2026
78 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FA:5C:37:38:89:25:D2:1C:96:C3:FA:70:76:E2:8F:99:5C:D2:A7:2A:3E:66:DA:71:58:C1:88:65:C1:58:4D:16
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
somendrasaini.com
2cubestudios.com
www.7azzak.com
practice.acuteplus.app
www.adityamhatre.com
customintegro.aisessment.com
app.alcomy.com
www.allsect.com
ambi-admin.ambihome.net
antestimate2500.com
sales.artworxx.hu
astraapi.com
attenzi.com
workplace.aumhum.com
spiderpit.aurenox.com
click.avalst.com
www.badinz.co.nz
beanposapp.com
bitcoinsherpa.com
links.bootbag.co
www.broad.app
buildadusandiego.com
caseyshimata.com
celestececchi.com
charming-tour.com
closedirt.com
www.clpaid.com
code-play.dev
commforge.tech
www.conorsmith.dev
cdmedia-various-staging.contentcard.com
cyberjusticedegrees.com
prompter.digitalkita.online
dineshneupane.com
dletran.dev
www.drjaviermirandac.com
dropmoments.com
edwinsanfi.dev
eewebtools.com
www.fbodlee.com
feed.app
fredx.dev
www.fusheng.info
www.gakal.au
gtubt.com
pcostracker.healthium.one
hyperlink.lt
cloud.imcsoftware.net
jinjitalk.com
jopplt.me
www.kingsleycollection.com
menchasbeer.co
menchascraftbeer.co
www.mikereed.co
movexeg.com
dashboard-beta.mytruq.com
evaluer.nissangranby.com
get.nui.care
onarrivalmigration.com
optoutofruskincontactinfo.com
ownerfy.com
www.pico-pizza.com
placescraper.com
bqlhospitalitygroup.premiumhotel.pl
admin.propo.fm
rarediscoveryconsulting.com
uat.revenue.resbutler.com
zstore.restoplus.com
garage.rideonriders.com
www.rigzlogistics.com
rotodial.com
connect-ng-carrier-registration.rxoconnectuat.rxo.com
eye.sconlinesolution.com
www.seidemann-meppen.de
selectedtext.com.ar
sheezaaziz.com
www.shufflespace.ca
apply.sjc.co.za
dev-natura-dashboard.squidit.com.br
stefan-gregor.de
fb.staging.stellartickets.com
strokesforlife.com
input.nightly.sumai-entry.app
www.sunrise-burritos.com
tapiasasociados.com
teagandstutsman.com
three38inc.com
biz.tictokapp.com
tiktokinfluencers.app
www.client.timetri.app
tmc.tualba.it
app.turcambio.com.br
twift-dev-v2.twende.app
ultrafastsmm.xyz
umashiba.dev
www.voxagro.com
app.wefix.com.au
yoursteer.com
zhuweiyi.com
zulfikhan.com
Other domains in certificate