Open
Cached
·
just now
75/100
SECURITY SCORE
Certificate Information
Subject
CN=www.world-surf.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 17, 2025
Valid Until
December 16, 2025
33 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
84:F6:E9:52:D8:73:7E:A0:64:56:54:35:A4:8B:A0:B3:8E:4D:5D:84:DB:54:6E:86:4A:48:4F:56:9A:A3:0A:A9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
contemporarysecurity.com
dev.registration.3rbehavioralsolutions.com
911museumtickets.com
scan.abhiyanpa.in
beneficios.aclspa.com
angel.uy
admin-dev.antaa.app
df.appikot.com
sxp-dev.appikot.com
atlasdestinations.com
ng.balushome.com
bapuvidyamandir.com
barbaix.be
beitbook.com
www.status.bienparabien.com
app.bowworkout.com
romain.briand.me
s.cashbee.ph
login-dev.chatleadspro.com
www.chrishane.dev
churchzeit.com
cittah.org
dishaengineers.co.in
www.codenames.us
www.danielbigler.at
digitalconte.com
pensioen.directict.nl
drafting.gg
e-busesservice.fi
eiffelguide.com
emassociate.net
cxpf-ext.emporix.io
englishwithshamila.co.uk
reservation.essen24.at
app.famfort.com
rsg.felporgetve.hu
dl.fetchef.com
warehouse.flagship.agency
yellow-cab-chi-business-test1.us1.fleet-dev.com
yellow-cab-chi-hub-test1.us1.fleet-dev.com
yellow-cab-chi-traveller-test1.us1.fleet-dev.com
goavalankanniwayscarhire.in
www.growlabs-design.com
www.hawler.fi
hoaally.org
pub.hvr.world
ju2tin.com
bonvivre.kards.fr
www.tv.kurr.dev
loicmotheu.dev
distancier.maroszelenak.sk
maryandthemissingstrangersfilm.com
demo.meiliiapp.com
misspilates.com
pu-admin.myresservices.com
myswatchbeauty.com
www.myswatchbeauty.com
neighborpays.com
www.nicolesfootballpicks.com
nicoto.es
odoya.pt
canteen.olevels.com
opulentrealestate.net
dev.pay18news.com
link.pcard.click
permarinus.com.au
deep.stg-native.plugo.co.jp
doc.posbel.be
posterdo.com
potencytech.com
pulsepets.io
www.puntoas.com
www.raidalt.com
admin.recland.ca
rincondelahuasteca.com
booking.sanimalis.app
uat.max.members.sargon.com
shadowflips.com
sideline-openair.de
dev2.skillhopper.com
my.somn.co
app.spfweb.com.br
rcm.svasthealthtech.com
svsglobalimmigration.com
navigator.systemicdataethics.com
talk-strangers.app
teddyfitz.dev
therushabh.in
tigading.com
tortaspopeye.com
torusbicycles.co.uk
www.trubary.com
twgood4u.com
uicarea.com
www.uncommonarchitect.com
upnow.site
virendratarate.dev
vyinsp.com
wanax.com
www.world-surf.com
Other domains in certificate