Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=hundredweightice.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
37 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E4:A6:4D:CB:F0:5E:54:60:5B:86:93:4A:B6:24:51:C5:6F:8C:49:7B:33:EA:FE:41:69:E5:2D:C3:A1:9E:F8:9C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
didrik.tech
www.01soup.com
www.1cubatech.fr
centre.1f8.dev
surarimuscle.juntendo.ac.jp
downloads.actinius.com
www.akdroptaxi.com
console.corder.alexkovrigin.me
app.allemanstoernooi.nl
test.altomate.io
apps4admin.com
tasmiya.avs.fr
vfbsuhllottothuringenvolley.deeplinks.bfansports.com
space.boarda.io
www.canton.rest
www.christmasgreeting.se
ommurugatravels.co.in
www.ommurugatravels.co.in
pms.wellpoint.com.hk
api.cryptonotifi.xyz
databizz.com.br
www.davidturnquist.com
p.docuses.in
report.ebizfile.com
en30.net
ethanwei.me
codelabs.exydev.tn
www.firefetch.com
aprobar-diseno.futuralabs.rocks
greamer.com
www.greenqms.com
greenvel.in
www.greeteat.com
huizepoort.nl
hundredweightice.com
registro.icnorte.com
dkvform-de-dev.input4you.be
intravenouswookieeporn.com
billing.ipregistry.co
istgm.io
thelogicalislam.itstrending.in
qwirkle.jackfitterer.com
jadsa.net
jibunstyle.com
www.katysface.com
www.kitchenwitch.co.nz
snakkes.kompetansenorge.no
kylestengline.com
www.linkbuzz.com
lroguet.com
manciotech.fun
maxerp.co
memories-digitized.com
moderno.uy
mortgagefairy.ca
esoc.motionsystem.nl
www.nikositech.com
nomadescape.co.uk
northsoon.com
www.nourishbynara.com
opaste.app
www.oramalab.com
orizon-aix.com
www.osgpro.com
app.paint-plus.nl
dev.paragonlandscape.com
development.plaf.com
www.publifetesting1.dev
miltserg.queliga.com
rentals.ratality.com
links.refcome.team
robbins.ca
www.roboimg.com
robomarket.com.br
portal.roomwith.jp
fb.saishin.net
sal23.es
www.seawise.jp
www.smiletteinnovations.com
stores-discount.speakylink.com
spekaassets.com
ssh.social
studycopy.be
sumamissions.org
badminton.tactum.si
lis.taliferro.com
www.tampere-pirkkalanlentoasema.fi
www.taskmatex.com
www.taskswap.in
tktmempa.fr
toddspainhour.com
app.staging.ukufu.com
app.up-care.fr
www.variationscondos.com
app.velointerest.com
bluesky.veltium.com
veritasian.com
api.wattion.es
promoter.wherehouse.io
xaidemo.de
Other domains in certificate