Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.raundsfestival.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 21, 2025
Valid Until
February 20, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
91:EA:4C:AA:DE:8F:1C:4C:7A:BB:C3:ED:3A:DD:C2:B9:2C:2E:A5:C3:64:49:78:F3:66:39:01:D2:67:80:D4:69
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.rlazyks.com
vendasuamae.99jobs.com
www.adconsultinghh.com
www.adityaiyer.in
africannonismandpeomocracy.com
al-inshirah.com
mockup.albumbox.com.br
de.artboxy.com
ascendlevel.com
autoscreen.io
dev.balotera.com
bamitech.ie
basbus.app
beliavsky.com
admin.dev.bestathletes.co
bigbad.ca
bikeaholic.app
bludland.com
bramleysfuneraldirectors.co.uk
brewbuzzcoffee.com
www.bullionbazar.in
ilosur.buscontrol.app
cafpraticheonline.it
www.callink.in
carlosho.es
link.classcalc.com
cosibin.click
ln.cytoreason.com
darklabsubscription.com
darkvch.space
davidacosta.me
dd.zone
devangles.com
dhwaper.com
ito-coffee2.for.dinii.jp
dotordinals.io
dpkventures.com
admin.stellar.edu.np
egolf.ai
energiadireta.com
dashboard.eztrackr.app
www.fakgun.com
www.felix-moellerherm.de
gettalentriver.app
main-test.gosh.live
grazziano.net
www.grupoaljo.com
documentosoporte.grupowtg.com.co
helpsl.net
light.i0b.de
campaign.incard.biz
www.ineedahand.net
made.innorthsomerset.co.uk
www.inrelation.no
www.math.joshid.co.uk
dienste.koehlertage.de
marve.app
www.me2mars.com
webprescriber.medicbd.com
www.memstate.io
static.mgtc.dev
mithealth.app
www.myevidenceportal.com
www.nadswarranty.net
ncov19update.com
nixit.pw
www.optimoney.app
www.oufit.app
pagosmocorito.com.mx
perceptiontoolkit.dev
picosearch.app
prog-res.com
www.lebloccafe.order.pulp.eu
www.raundsfestival.com
www.reactnativeyou.com
ryan-lee.org
uat.empower.savannahghi.org
vtc16.simpliroute.com
surveyapp.slidesoft.tech
notes.sophiasharif.com
www.sparkcreators.in
spicykilishi.site
demo.spockanalytics.xyz
stashed.app
app.storydna.app
tavern.ventures
web.teamitup.com
tecnoaircoldcr.com
tertius.app
trytalentriver.app
dynamiclink.tt-services.net
admin.tucar.app
twinmindsolutions.co.uk
www.uchicagoathleticcamps.com
tickets.uglycutie.com.au
timereport.urbanhome.app
waihona.net
www.wealthystepsadvisor.com
www.wordhookup.com
zenyx.io
Other domains in certificate