Open
Cached
·
just now
80/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=parsant.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
May 10, 2026
Valid Until
August 08, 2026
83 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F7:34:78:ED:D7:F3:97:1B:9C:63:79:48:7D:E8:DB:A5:24:A6:70:EA:31:E9:21:65:DB:D5:BB:5D:7A:4D:CE:6B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
globalsign.com
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
sectigo.com
ssl.com
comodoca.com
digicert.com
; cansignhttpexchanges=yes
Wildcard CAs
comodoca.com
digicert.com
; cansignhttpexchanges=yes
globalsign.com
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
sectigo.com
ssl.com
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 7 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
wdac.ca
www.wdac.ca
aanywhr.com
staging.academytrial.com
alnajmpharma.com
auth-dev.ambry.io
anypply.com
dashboard.aspireinclusion.app
automatexi.com
azimmirza.com
www.barbershopdenimphilly.com
www.baskordle.com
www.bastropcode.com
www.beeding.com
bigeastenergynetwork.com
course.bonestudio.online
www.buyonegram.com
bvritconnect.live
bwabtak.com
jwmusic.carbonesoftware.com
www.cargoxpresscorp.com
www.codaanalytics.xyz
partners.cognite.com
color-ai.art
cyranexen.com
daylog.kr
diamondcoastconstruction.com
discoverypro-teambeta.online
admin.dost1.ph
dsregister.in
frame.eccoffice.cloud
electromagneticvalley.com
app.entrig.com
faemsoftware.com
www.funneled.app
giulianasica.com
glequiprental.online
gtohero.com
oyun.hakantunc.com
heizexperten-wissen.de
hexcheck.com
qr.hicfrancia.com
www.indiansbar.com
www.jonathanshaw.com
jujutsu-badpyrmont.de
kaizek.com
keeneyeinventories.co.uk
www.keeneyeinventories.co.uk
kevin-metzdorf.com
kickapi.com.br
www.lascable.com
laughmask.com
laurencurtius.com
stagingsyndicate3.letsventure.com
limpiezaspanther.es
lovetraveltours.com.au
tejiendocon.mabelitadelacruz.com
www.mabelitadelacruz.com
temp42.mamklearn.com
manuf.manexias.com
massdev.com.br
demo-stage.mently.pro
studio.metiscompute.ai
mfl-live.com
beta.miveratech.com
mmhomemakers.com
www.movii.fr
nanocenter.center
needlecastinteractive.com
nextpost.info
stage.nirixai.com
www.osmanjimenez.com
parsant.com
pdf-tools-online.com
www.pearlbea.com
peterpancentre.ca
propey.org
qauce.com
rollingdice.co
selivili.com
www.selivili.com
app.setutrade.com
shalimarhomes.in
www.shameless.art
shanekennelty.com
stylistai.co
www.summaread.ai
swyftapps.swyftech.com.au
www.tavio.us
touchnut.com
fb.triviaguru.app
orchestrator.trynestify.xyz
stu.trynestify.xyz
turbomine.cloud
www.vdatainfo.in
kurasushi.waitlist.be
www.xaxify.com
xaxify.com
app.xdn74.com
auth.zeussindia.online
Other domains in certificate