Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=demo.plutomap.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 30, 2025
Valid Until
January 29, 2026
74 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D0:79:43:F6:7C:4F:E3:DA:2D:95:E9:9F:06:50:77:99:18:42:08:65:52:56:EE:E7:61:99:02:22:28:58:11:67
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
varaminfotech.in
www.advenrius.net
karateanna.aimcomely.com
www.akschejbalova.cz
andrewblack.games
buatapps.aparoo.my
resources.ascendingfate.de
asdi.dev
assintelreport.assintel.it
web.atualcontrole.com.br
www.autismzero.org
kit.be-hookd.com
dash.blinkbots.com
bookmarkspanish.com
cellark.in
admin.cityrath.com
www.mcamindia.co.in
cdn.akimia.com.tw
www.critbase.com
www.crktr.com
cutoff.dev
d8a.me
dahmon.dev
www.djfei-fei.com
www.edavot.com
pre-paisajesdelvino.eldiario.es
emoji.chat
marketplace.ezfficient.com
proapi-v2.fremby.no
www.g7s.io
www.geradordecpf.dev
www.glasswing.dev
gmgn.community
www.helena-ruao.com
hotspring-inc.jp
chustphr-id-testing.input4you.be
integratedsolutions.ae
www.jetsyt.com
www.kartsyapp.com
maji.kchkna.com
kinematicsclasses.com
www.kovats.biz
angelbo.labriola.family
www.lamoss.net
lilynovaart.com
www.mk.loggbok.net
lonpa.net
configure.louveroof.com
mailthrottler.com
www.makerhand.com
malasovigliana.it
link.mannki.app
www.marscapital.in
azure-test.mayamd.ai
www.meerahospitality.in
merrill.ink
consent.mistergreenlease.de
admin.montanarep.com
moonpile.com
www.njc-software.com
nortexpack.com
link.nycers.org
test-website.octo-gaming.com
www.onboarding.plus
app.optimumpaymentportal.com
ourflat-app.com
partnerville.com
pdvpizzaria.com.br
petkofrizer.com
demo.plutomap.com
pontesburydeanery.org
www.profildance.com
qrew.com.au
qwikcheck.com
link.rentable.pk
pos.qa5.restoplus.com
app.ridingtherainbow.com
samjoepinangay.com
www.savankotadiya.com
www.save-koharu.org
v2.selflane.com
www.services-mba.de
blog.shunxuhuang.com
www.simplegrades.co.za
solariumvr.com
www.stacktech.ro
swaadsimplified.com
www.tinemor.no
turkiyereal.estate
link.u-hoo.com
www.udamsaini.com
www.upspin.me
lab.policies.vezham.com
api2.vinota.com
www.voixman.xyz
salambudiarto.web.id
m.werktijd.be
www.wishify.cz
www.wordago.net
yannshu.com
Other domains in certificate