Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=handstandglobetrotter.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 17, 2025
Valid Until
February 15, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7A:4B:24:79:D2:1E:CB:57:56:3E:2B:0E:15:5E:D4:1C:BE:69:B1:74:A6:E5:E7:61:5B:66:B6:AC:22:9E:6E:B6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.ezresumeai.com
adnqr.com
site4.allyable.tech
www.amyrfezzeni.com
anxiety-aid.com
www.asaace.vip
mturk03.bcause.app
bkslabs.com
bytecaremx.com
talent.castingapp.com
www.cewindow.com
classiccustomkitchen.com
republicarne.clau.io
crepsis.com
www.danielamanzotti.com
movr-pro.dev-ltl-xpo.com
charter.devridezum.com
escola.dhuly-contente.com.br
www.digitalsamiti.com
www.dks-dz.com
dherald-staging.dogonews.com
dramos.dev
earthdecks.org
sl.echochat.live
eidjord.no
elmerthebutler.com
eugeniaspilnik.com
fefub.com
download.flex-testing.com
formlinker.com
www.gardensitter.fr
www.gescip.com
www.gimsoi.com
agency-dashboard.gls-spain.dev
bodegas.grupoelcr.com
handstandglobetrotter.com
inaayadesigns.com
app.ioniaregistry.com
www.jaiin.dev
www.jcysu.com
www.katans.com
admin.staging.komence.io
www.lawyerycj.com
www.lifedesignkw.com
liquidminers.com
staging.listique.com
liweihan.com
loventyne.com
supplier.maktub.kz
malikgazal.com
www.malikgazal.com
preprod.secretsanta.mattpeskett.com
events.mcdnet.org
friendshub.megapos.store
www.mentanalytics.cl
mumbaipainting.com
nabuten.de
www.nextgnsolutions.com
www.nickstark.net
nkmlab.com
er.nwbbc.com
onefortymm.com
pamorparty.com
paxedge.com
www.pooldatafeed.com
www.puffplay.in
www.racemates.se
www.rajputlaw.com
stg.everglow.re2fe.com
www.relomining.com
rootsandradiance.in
auth.saltydogtrends.com
stg-app.seedtrace.org
serein.dev
dashboard-sword.serox.io
share.new
sissygreen.com
cartadigital.sistemasbelkys.com
skycanwait.com
melon.sld.codes
smekalisty.com
sshpa.ca
tamami-higuchi.com
tavaresplace.com
thelewisclub.org
app.therunclub.es
roche.timeline.click
ultimatetask.ru
u.upw.li
www.userelish.com
vanakkamdsa.com
verrigonthuka.com
frontend.vinsystems.net
volio.fun
us-central1-api.waseda-onodalab.jp
www.wombatica.app
worktimelog.com
applinks.workvivo.com
www.wyverald.me
ymeets.com
Other domains in certificate