Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.barbershopmayfair.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
60 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B1:D0:F6:4F:F0:C1:D3:CB:16:8B:C5:E9:70:2D:2A:C6:53:36:AE:F3:B0:B9:9D:88:A8:49:D1:27:04:BD:A0:D0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.ezspeek.com
aebc.vn
umbilical-staging.anekonnect.io
hmg-adm.aonderole.com
hmg.aonderole.com
aparnia.com
appliedboard.com
arielgerman.com
artzily.com
events.atlas-apps.link
www.barbershopmayfair.com
combine.bcase.solutions
billthecloud.com
boltrik.com
test.dynamiclinks.bsit.com
www.bunalert.app
chapterme.co
www.chiragvaghasiya.dev
coneicucayali.org
escribidor.contramuro.com
auth.craftytrack.com
nela.culturalyst.com
www.cybertruckwiki.com
corporateweb.odfjellterminals.dblandit.com
deepfakex.ai
divotly.ca
www.dragonsalley.ca
elgasoos.com
eugrant.eu
eusebio.dev
www.expensehive.com
fantasyjams.com
auth.fzone.cz
gchevassus.me
getpigeon.app
glympses.cl
auth.goleasy.de
harristhomas.com
hmh-waggle-teacher.com
squirrells.horseriding.app
infosecjobs.uk
quoting.ipknowledge.net
jader.io
globalworktravel-sdk.joinsherpa.io
jomsolat.org
www.juttame.at
driver-demo.kidgo.io
star.krishnan.app
utdeoriental.lapieza.io
www.layerized.com
leadjemltd.com
orbit.learningsuite.io
soriana.livepanel.co
memody.ch
nidnau.com
www.nidnau.com
front-staging.onderwijsonline.nl
www.onyourway.app
peyonic.com
www.pgriffiths.com
polipay.io
www.productsnippets.com
www.prontissimo.app
qrnavi.app
quintasteakhouse.com
rankalyst.com
preview.revivar.dev
sakuramc.me
elgin.scouthub.app
dtodito.sienarsystemsmx.com
my.sippy.be
www.skeinway.com
organisation.skey.network
sloneczna.app
www.spiffyventures.com
stainedglassbuyer.com
studentsvoice.co
studioamme.com
talentmotive.com
www.talentmotive.com
www.tanishq.dev
www.terrasvenue.com
textbehindvideo.app
api.staging.tipgenie.com
toottogether.com
www.toottogether.com
tresors-sucres.com
www.tripledesign.net
relaunch.tutorate.com
unanichikitsa.com
warbybarker.untangl.com
assets.unthread.io
selecquest.urtropedesigns.com
bahar.usgurlu.com
www.vanord.com
au.vidaura.com
viewchinese.com
voyayge.co
dlapp.www.wedoc.com.br
radarx.xogene.com
Other domains in certificate