Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=thepassionatetrader.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 23, 2025
Valid Until
February 21, 2026
79 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0F:47:55:4A:11:96:8C:8A:DC:BA:6A:31:2D:61:28:C6:DD:5C:AC:58:2A:AA:4F:F3:34:B4:69:E7:08:31:F1:04
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.vazarchain.com
creo-test.aesys.com
agrarianchile.cl
aichatassistant.app
udt.aleoyakas.co.uk
anisharon.com
arkham-starter.com
atominfo.tech
audiobiography.com
links.bizbookly.com
app.bloq.it
login.databits.bobsled-cloud.com
www.bojler-kindervill.hu
www.braun.app
staging.budget-bot.com
bugraalbayrak.com
app.bumpcareers.com
www.can-can.biz
triumph.che.ma
www.bugrakara.com.tr
fourinarow.share.coolplay.io
creas.tel
crewcorecs.com
sandbox.mypersonalrunningcoach.davidecampello.app
www.deepanime.ai
diskretmatematik.se
e-duplicate.com
www.epsilon-delta.link
fandb.app
financialtravelbuddy.com
www.francescopisani.it
www.franfonse.com
www.g3ek.co.uk
partner.getluup.com
hanathustra.com
henry-ngan.com
app.hotbody.one
admin.hotelajayinternational.in
user.hotelparivar.com
www.shatz.idodon.com
app-dev.interplay.io
app.irecfer.com
via-demo.ischoolconnect.com
iybibarberstudio.com
jetpackx.io
www.jkinfotech.app
mega.jmdev.es
www.jordinebot.cat
www.khilesh.com
app.langduet.com
careers.lazzo.io
lyticsdatalab.leveragelab.com
www.loinsp.com
frame.lokalebon.nl
incubate.makkan.trade
www.michellelee.tw
app.minimapper.app
movement-mastering.com
download.mrlondon.app
msiivouspalvelu.fi
mybroker.com.co
nickimagines.ai
www.opread.com
www.panicindustries.com
picpack.app
dev.pinstation.app
group.pirika.app
plannprep.ca
refer.mini.playship.com
www.pocurio.com
puzzle.dev
mergeclash.puzzlecats.com
app.test.pyxo.co
admin.rawrevolt.com
rescueme.app
rgwoi.com
o2.skill.rideet.com
map.riky.app
www.sfp.si
dlr-mobility.sharo.io
shinepass.co.za
fb.skeinway.com
www.slyck.app
bocian.smartlegaldoc.eu
smile-art.app
www.spacepolux.com
spardhakarnatakaacademy.in
stalwart.app
www.stashy.io
app.studeng.es
sugoflights.app
glaubandich-bewerbung.tagbase.io
thepassionatetrader.com
stage.threshold.co
titard.click
www.titard.click
admin.tpms.live
tripski.app
gboxurca.turnosweb.app
emails.webcat.app
Other domains in certificate