Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.ofourabois.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 27, 2025
Valid Until
January 25, 2026
61 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
EE:38:16:F9:E0:00:B2:32:95:DC:E3:68:53:53:7A:FF:A4:63:8E:E5:07:2F:4B:51:28:92:39:7C:96:7F:1A:B9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
admin.equipment.troop30lr.org
1teto.com.br
acroeverywhere.com
airtemplate.com
akashguru.com
www.anatolyakatamaran.com
www.andreii.dev
angryalliance.org
argent.to
banopay.com
connector.binoxmsp.com
botian.me
jumpydoll.brianliu.dev
admin.bringly.nl
budgetspenders.ca
www.calcular-frete-correios.com.br
www.calenster.com
cbrunner.de
portal.chadwick-family.net
admin.charat-kuji.jp
www.cic-usm.com
cimplybest.cimplyfive.com
driver-app.cleanbox.co.il
dipendragurung.com.np
extensions-app.prod.eu.companionmedical.dev
www.daugaspirit.lv
dgklogistics.nl
print.dynamicard.com
games.elitemaacademy.com
app.embajadurcrema.com
www.factoportal.com
www.gaohowa.com
glory.gosk.ai
www.grselectromech.com
www.gvmshiring.com
ropt.hassanali.tk
www.heedforlife.com
www.hinduglobalvidyapeeth.com
hstest.co.za
live.demo.incentable.com
www.integrityautoidaho.com
valeamigo-dev.intelligential.tech
gamepack.jiroplay.com
www.encuestaclientes.k-9apps.com
katamon.net
forms.integration.keap.app
www.kyoko-janai.net
lammastrio.com
www.legacysales.ca
reconinfosec.app.limacharlie.io
allergan.livebusinessupdate.com
w.luke-roberts.com
madlab.app
tiruvallur.makemytriptaxi.com
www.metisengine.com
confirm.moonzapp.com
www.moviereal.co.uk
web.myplayer.io
nanysjewelry.com
newmoorthycafe.in
test.ocula.tech
www.ofourabois.com
www.omnitechelectronics.com
omwf.de
appozam.org.es
www.pasillando.com
peopleartfactory.com
auth.phonic.ai
auth.preview.pilot-security.com
healthymart.piticommerce.com
sugasab.pujasweb.co
raghavshubham.in
stg.mdash.re2fe.com
coaching.reaction-club.app
recommendai.online
www.retrospect.co.za
test.rockwelltechnologies.com
www.saborefe.com.br
read-consent-quickly.sarunint.com
siliconseed.io
sioview.com
suko48.com
www.sustainabilitytech.com
app-staging.taginsight.com
cms.teero.com
thoren.io
app.tkshippers.com
www.towkns.com
www.travelengine.app
dev.trxtl.com
www.ugurkig.com
gameparuay.unileveractivity.com
www.v-medtw.com
whisper.vandromme.co.uk
demo.web.venttu.com
www.wish-to-go.com
www.wyzauto.com
onclick.xscientist.in
factura.yungol.com
appointments.zivro.com
Other domains in certificate