Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=cross-otc.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
40:94:BC:8C:CF:F8:A0:FA:12:1F:6E:82:F0:9E:37:CE:A7:05:7C:D9:22:DF:3D:DE:AB:60:E6:4C:40:C3:6D:1E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
deeplink.drpro.app
user-dev.1kmwine.com
share.3plus4.io
app.42hacks.com
a1supermart.in
www.abuidrally.com
www.accordle.nl
www.alexdisdier.fr
assi.alias-solutions.net
www.aloksi.com
amidy.love
www.appdetonator.run
axiumrpg.com
www.bestella24.de
bitrotsoftware.com
booking.caa-ahm.org
admin.chefgo.app
communitymap.online
app.credit-agricole.it
cross-otc.com
crowdsports.tv
cuatrocuarenta.es
data-sport.io
www.deeptechsolution.top
www.defiantware.com
www.digisailor.uk
djellabi.fr
dmarcellolandscaping.com
dmasaurus.com
q1-mypreferences.dpd.co.uk
grq.e2eagency.com
dr-abedelkareem.e3lannat.com
egfp.ie
egroups.ele.vc
auth-form.emad-abdelmaksoud.com
www.ez-engineering.it
fhssoftware.com.br
beta.admin.foriu.mx
fortum.fr
www.gebr-esposito.ch
www.gemuki.com
dustyderby.geniesoft.io
api.getinvite.co
tailieu.ghncm.vn
www.iceproofarctic.eu
hoangnkd225130.id.vn
indialogist.com
inno-tech.dk
www.inventory.kanban.inrvatemedia.com
iv-code.io
kissaki-japanindustries.com
link.livelix.com
www.local-elves.com
mad-it.nl
www.milicone.com
musettaartstudio.com
colorextract.nabilamerthabit.com
netwavejo.com
auth.onlinesecurityext.com
paperplain.io
tokyo2020.pirika.app
affinity.portfoliolink.co.za
www.print-pack.hu
staging.probuild.app
gtm-adviser.project-g.co.jp
promatiq.com.au
prose-insoumise.fr
app.quislab.com
www.randywebbmemorial.com
www.readytoshare.nl
albi.recursyve.dev
renewable-energi.com
app-dev.us.setkeeper.revolutiones.org
rezept.li
richiesoft.com
www.sergeibalakin.com
admin.shipal.co
www.shuo.jp
siftedrecipes.com
querencia.bioponto.sistemasnemesis.com.br
sitzenenterprises.in
www.starttakingaction.com
strip.cards
tabilly.dev
dev1.taiwanviptravel.com
tattvadynamics.com
www.technokingtrading.com
app.teereach.com
www.thpent-global.com
throughmylens.in
admin.timeo.tech
www.tommyvanpham.com
do.truted.com
admin-stage.ulozdoklad.com
userpath.sa
vickyboutique.com
vipulrojasara.com
stag1.app.wakuas.com
links.app.waregem.be
overview.yoojis.com
Other domains in certificate