Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=web-components.blackpurl.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 24, 2025
Valid Until
January 22, 2026
63 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BD:D8:F2:E1:E2:07:C2:58:8C:F8:EE:1F:EA:B9:5D:7C:08:47:87:DE:05:C6:BF:87:7E:32:A5:1F:93:6F:DA:13
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
thrift.house
www.aegle.us
collector.agfc.com
alterfritz.cf
www.oed.av.tr
www.ayazbaig.co.uk
www.azntid.com
babyactivityguide.online
bestwishes.ng
web-components.blackpurl.com
caconnyconstruction.co.za
chat.clark-brown.com
lifeengine.co.kr
share.i-boss.co.kr
zsoboyu.com.ua
dentix.click
dosarium.com
ads-buddy.elpixelista.com
empoorio.org
faeloon.com
felipemarcianodev.com
www.fluttergradientgenerator.com
freestylearena.it
penyerapan.transmigrasi.go.id
v2.admin.gogokids.my
provider.goperi.com
handzbook.in
www.hunnywear.com
justicehub-app.ibj.org
demo.idmx.io
iglugt.com
www.iglugt.com
indyriot.indyriot.com
innercircle.coffee
ireneyfabian.com
firebase.islam-answers.com
newstage-partnerweb.isthara.com
itslokeshm.com
jakeholmesdesign.uk
jiro.gg
bedrijf.jobai.be
johnrood.com
joshilog.com
edit.joshuastearns.com
jroboticksclub.com
juanmartinlucero.com
www.staging-sic.k-9apps.com
www.kianajoon.com
kingdomtec.pro
kodefoundry.com
kolso.com
konto.al
lachocolitaloyalty.com
laplandairports.fi
www.laposadadefrancisca.com
www.linastojanovic.com
logx.no
londonlivecommunication.com
www.londonlivecommunication.com
ls-absolute.com
www.mediaandalas.com
meditolife.com
metapoly.love
www.homologacao.meuplanoclaro.com.br
mfsanal.com
mc2.miranda.works
mookambikaexhibitions.com
morisraely.com
nammaapprovals.com
ninosyomo.com
noorsalon.sa
nossaselvanoape.com
staging.app.orally.network
sima-develop.arco.org.br
ixdtw2021.ixda.org.tw
www.other-languages.com
admin.pidra.ph
pokistudios.com
pranaparade.com
staging.office.resbutler.com
richard-neubert.de
explore.salford.ac.uk
sandwish.app
santiagomille.dev
saorsadev.com
sofiadevsoftware.com
auth.soywibo.com
splitbox.in
steadymoon.com
superfps.com
tcverlinghem.fr
web.staging.terminio.app
trato.studio
twsila.tech
www.vlconsulting.cz
www.vshosting.net
zak-fisher.com
sig.zapay.link
siguy.zapay.link
hulpinhuis.zuidzorg.nl
Other domains in certificate