Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.papaya.camp
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 29, 2025
Valid Until
January 28, 2026
31 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
17:84:0D:61:69:29:11:F4:E7:5D:AE:8B:10:6B:4C:D1:E5:5F:86:38:F4:2C:95:F8:2F:C6:F0:F6:85:9C:0A:75
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.mapatalks.com
elections.24heures.ch
azek-cert.3dcloud.io
app.agertech.it
aylee.co
asturias.bitmind.mx
www.brianjwoodbury.com
link.shop.brightspotmrkt.com
www.bydesign.email
inventory.cleanportsmouth.co.uk
www.codewired.me
hashlist.comets.kr
commun.me
www.couleurquiz.de
uidev.cove.io
app.darkgps.com
www.datafenix.co.uk
datalabeling.eu
platform.dev.daylybread.com
demt.co
dotpict.com
www.entremind.cl
eventlapse.io
familyfresh.club
www.fbarcellos.com.br
www.filmsreel.com
flowtapes.com
www.gaser.com.mx
pg-colosseum.hackforplay.xyz
happy-dental.eu
www.happybati.fr
hello.hideandseek.world
hornisnezna.cz
hoseasims.com
app.imoveisuniao.com.br
inspirefamily.org
jackfitterer.com
feedback.kfz.website
uptime.khatoco.com
kubikon.pl
www.liambarracksoftware.com
staging.learning.lightbath.com
webportal.marinwildfire.org
personnaliser.monzaya.fr
relocation.movemytalent.com
www.myprescriptor.com
app.myworkdb.com
aldan.nurzen.group
www.oasis-scantrad.fr
www.onframefilms.com
www.papaya.camp
auth.parkingcupid.com
www.pavon.agency
app.principeum.co
acc-link.propertyloop.co.uk
test01-link.propertyloop.co.uk
test03-link.propertyloop.co.uk
www.pythonisrad.com
non-profit-verification.qrtrac.com
demo.quakerproject.com
book.appt.rapo.app
victon-album.re2fe.com
rndm-bmx.com
www.roboticdonut.com
rootxplore.com
royaldrop.org
samuelblackburn.com
save-koharu.org
scottmsarsfield.com
seattlerudram.org
www.see-platform.com
service.ceo
app-staging.setkeeper.com
www.api.show.tours
singhsaurabh.com
hashikami.softcomp.jp
deeplink.startse.com
storycruzfilms.com
tracpicprod.stylishop.store
www.taylorsversionforspotify.com
admin.teker.ai
www.thattilandco.com
theblumemethod.com
www.tillip.com
tokimuniti.com
www.tombonney.co.uk
www.touchingtheart.app
www.triojam.com
tts-playground.app
adroguerunning.turnosweb.app
www.usac.app
join.useaccord.com
www.vacatube.com
discussion.whigh.co
wizzeh.com
www.ycskerb78.com
ycskerb78.com
www.zerothkey.com
admin.zoila.cl
leeway.zympl.xyz
Other domains in certificate