Open
Cached
·
43m ago
77/100
SECURITY SCORE
Certificate Information
Subject
CN=bwg.p.w3.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 12, 2026
Valid Until
April 12, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B5:16:1C:99:6A:87:87:47:AC:96:05:00:21:C0:73:E6:E3:8B:7C:D0:79:09:2D:A5:13:71:C8:BF:A6:A2:24:25
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
appstake.network
aadven.com
admin.ageekguide.com
agrisenseapps.com
agsv.fun
aguayplantas.com
www.albertaconnected.ca
alexyork.net
www.anaromero.es
apuntadechacarera.org
avocadonotes.ai
images.bethengine.com
www.bhuvanasriinteriordesign.com
staging.cms.blockframes.io
brcreate.org
curso2025.casaduana.com
cogemogros.com
www.connyarmin2020.com
zettle.corntech.com.mx
www.devellotech.ca
nilgiris.dropmeoneway.com
fertilityclinicinnovators.com
flowbyte.cloud
fuckofftedcruz.com
getinvestment.org
www.growpecomm.com
hjertmann-kyndi.dk
hokimtong.org
ilian-iliev.com
machi-sys.it-monozukuri.com
izervay.ca
psnstore.jeuxvideo.com
www.k-torconsulting.com
karuvarakundukmcc.org
www.knowyourrights.page
leopalma.com
madraswash.com
www.marianagoncalvesdacunha-art.com
tamil.corona.mayamd.ai
www.mecha-info.com
sexy-time.mightybyte.us
mrremodelinggroup.com
www.msktlab.com
neodym.blog
halo.neoufitness.com
servicios.nirelcr.com
wedding.nithinprasad.com
stageqa2.notifyvisitors.com
novacratsio.com
reports.oam.ltd
www.oana.com
octanejeans.com.ar
www.olv007.com
qa.ca.onerevolution.com
orbet.io
fiep.orchestra4edu.com
www.paraworker.com
app-qa.pixis.ai
qiratshop.in
qualityservicepak.com
qualuation.com
app.researchfrom.com
respiratorysciencesinc.com
www.respiratorysciencesinc.com
rohelevy.com
rotaryorchardseniorhome.com
ruckacoin.xyz
sadid.dev
schaeferdevelopment.dev
medscope.scientimed.in
shabbatus.com
snaghaven.com
wellness.solsten.io
solutiondevelopers.in
www.spacaretime.com
norgesvask.superoperator.com
tcates.com
tcjewellers.in
www.teammochi.com
templateimages.com
www.theabysslist.com
thecleanappproject.com
draw-tokyo.ukonpower.dev
uniservicelatina.com
aidash.utradesolutions.ai
uzmdrnazancelik.com
captive2-0.vagalumewifi.com.br
www.vanlifeplanner.com
www.vegamecum.com
www.vibertech.com
sundial.videoscribbler.com
vitersoft.com
gestorversao.vrsoft.com.br
bwg.p.w3.app
weddingmemes.com
winno.io
qa.worky.mx
app.writeloop.ai
evolve.ymedia.in
zonastreamin.online
Other domains in certificate