Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=newadmin.websays.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 04, 2026
45 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
94:E0:DA:33:79:A9:8D:3C:58:E3:1D:6E:47:EB:29:8F:61:25:78:45:FA:90:7C:59:AA:16:5C:9B:F1:F5:AE:76
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
cohentown.com
nhl.3pak.com
sandbox.activetracker360.com
www.aibirds.art
messages.alextebbs.com
www.apphouse.co.nz
gaya-studio.ppr.atlantide.io
docs.b2bninja.com
bcare.baby
test.web.printgo.beebitpruebas.com
bizzybooks.com
www.bonvi.net
francesco.brozzu.it
mag.centrulminerva.ro
www.chicagotopcleaning.com
app.sigein.com.do
dash-kyc.globalbridgeconnections.com.py
mobile-personal-prod.connectid.io
auth.convention.ninja
www.newsletter.cornellvc.com
dancewithme.be
www.derbytronics.com
stage.diamsauto.fr
liff.digital-town.jp
divyan5h.dev
www.electrocode.de
www.engrustranslator.com
www.estudiocasso.com.ar
agents.favstay.com
app.findharmonee.com
app.flow-wandelen.eu
www.fomosumo.com
firehose.getgather.com
app.gitdailies.com
greenwoodsound.com
heiandoamerica.com
admissaosotreq.hrestart.com.br
idk.uno
odi.api.idoxs.app
imma-france.com
institut-hypnozy.cz
veniamin-masha.invito.link
irenepruzan.com
www.jevans.uk
julieshackman.co.uk
www.sic.k-9apps.com
kawalpreetdeol.com
www.kulturajanda.com
www.leali.io
www.leelabackwater.com
emn.tracker.prod.liquidanalytics.com
beta.audits.lunarworks.co.uk
dev.mapapajzlov.sk
www.miaotea.top
www.microsoftexceltraining.ie
nicoleseils.com
dev.nobul.com
www.omnia.tel
www.ontheoriginofcircles.com
www.op-design.com
www.outboundly.io
final.patigeni.com
push.pdr.cloud
picole-pixel.com
www.pienter.tech
pirma.lv
play2x.cx
balloon.prane.biz
cavaouwebapp.recyc-quebec.gouv.qc.ca
qkuronekop.dev
editor.qre.dev
hub.quakeworld.nu
www.quiz.party
www.quizmenot.com
redb.org
hangman.rioja.io
scottmoser.dev
www.sezerbudak.dev
sidekick-app.com
www.silsilat-alibda.com
title-quest.sink-capital.com
www.smileyrocks.com
snakegame.com.br
app.stackables.app
www.striv3.app
demo.surance-app.io
www.tomwedgeimages.co.uk
clarityconnect.tqi.ai
travelpinsapp.com
www.treacy.io
tucao.ca
dev.app.vatworx.cloud
app.vogelhuber.de
www.volleymania.nl
www.webappex.com.br
newadmin.websays.com
wondercoms.co.jp
s.x-gps.io
v.yuntan.tech
meet.zonic.me
Other domains in certificate