Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.pakwanderers.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 18, 2025
Valid Until
March 18, 2026
79 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
96:E9:45:60:C2:EA:BC:D5:6D:B8:B5:08:EB:28:6D:0F:19:69:71:25:C7:E8:91:B6:AD:10:01:80:61:EA:94:84
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.cryptex.it
alphalogy.net
guessme.anapple07.com
autoscoutkft.hu
bobbimonsta.es
broccoapp.com
cdn.busybee.nz
hola.cambrer.com.ar
file.carlosbindert.com
app-14.dev.carto.com
centrapply.com
bajrangfurniture.co.in
dharmapuri.yazhdroptaxi.co.in
www.coconutplace.kr
www.coffeeblog.cz
dev.colavo.me
tango-admin-staging.colia.com
www.hc-ec.com.tw
cosad-benin.org
api.cryptorastas.xyz
daviddebreceni.com
deeprikh.com
deniszholob.com
devops-r.dev-ltl-xpo.com
dkaleta.com
www.dvjohnston.com
www.emerch.co.uk
www.endangeredclub.com
dashboard.equinoccialgatitos.com
eternitysaga.io
evxpertz.com
fandestination.com
fatturepdf.it
firegram.ca
www.freecourseplanner.com
geovany.dev
glemmo.com
globalsportsme.com
admin.glukynet.com
www.app-qr-viewer.gruposercomm.com
www.heardfrommom.com
b.helloring.jp
hucklberry.com
hungrimonster.com
ianduclos.com
www.indi-psychology.org
www.ingles.la
www.innosante.fr
intakifi.io
jarsty.com
joaoferreira.dev
jotlu.co.uk
langarica.me
hinata.lene.jp
partner.loadsure.net
dev.lubbu.com
markwithai.com
mattressraja.com
merrimackcomputer.club
www.mogswamp.com
momentummetropolitan-events.co.za
stg.myfilehr.com
client-dev.myworkus.com
neriakatz.com
neuralchain.ca
resume.nilsr.me
nomorecoverletter.com
flickzombie.nonip.net
verify.nsicsm.com
onspotlocksmiths.co.uk
optimahardware.com
pakketpakket.nl
www.pakwanderers.com
verify.partyva.app
dev.peazi.app
persiantranslation.info
app.point.lat
link.staging.powerpal.net
www.qeerio.com
raxar.com.ar
dashboard.recheck.jp
www.rfpneurology.com
www.routz.io
app.runyondataservices.com
static-page-staging.salary-hero.com
app.scaleup.de
sean-smith.co.uk
seenacht.ch
xapp.sonarmuse.org
assets.stanhopefd.com
sundaycreativehouse.com
app.sweet.tv
www.tirupatiancillaries.com
windsupkitesurfing.toomoosegames.com
dev.topformaturas.com.br
totemocode.com
typespeedai.com
venturoam.com
watercycles.ca
admin.zergpresent.ru
Other domains in certificate