Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=batooinn.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 01, 2025
Valid Until
December 30, 2025
38 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BA:7D:71:E7:02:F8:73:F6:3A:19:E3:4F:D1:35:13:9F:6E:58:52:AB:81:E1:74:9D:4D:31:64:D9:86:94:CE:1A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
edc.saifee-events.com
redhillgames.12traits.com
www.2easylabs.com
60minlimo.com
amitbeta.8guardian.com
aaradhyagrandrestaurant.com
acrisjeans.ar
www.acrisjeans.ar
ade.aero
demo.ags.run
agwsu.org
aisessor.com
appex-development.com
arboretumdelafosse.com
www.arboretumdelafosse.com
uat.mis.atomx.asia
www.atoyansk.com
austincondolaw.com
automagicalapps.com
balajiadvisors.com
batooinn.com
app.bbdinsights.com
beerstory.io
bepaw.com
www.bilo.online
app.claimify.ng
cleanrok.com
faucet.cointanda.com
www.confomap.com
cub.la
pogo.danimoya.es
davtek.io
digitalventureshub.com
www.donarlo.org
monclub.eec-engie.nc
elitenailspa-acworth.com
hawaiian.equiem.mobi
documindai.fadhalshulhan.com
www.fairdrive.app
sgpapp.fiters.co
www.flaxboll.dev
floosy.app
user.flyfi.app
dashboard.foodly.ca
staging.gapcross.com
dev.games.giacapp.com
pay.sandbox.wikimedia-india.gr4vy.app
grupo-egad.com
registration.hawkridgesys.com
wimbletech.humannetworkz.io
app.imoveisnovaopcao.com.br
www.innovat3d.ca
iyengarscreations.com
jaintechacademy.com
aerial.juanguarin.com
diner.judel.nl
basic.kibitest.cloud
learning.kinetek.com
kyntek.ch
pmt.lausannepalace.app
www.leadandsubmit.com
ledx3.com
listing.run
www.lorvenholdings.com
www.lost-found.io
magcinc.org
internationallearningwarehouse-ug.metis.club
www.mosunhomes-realtors.com
www.nagu.co
www.nazhost.com
www.neatlink.ca
bridges.norththird.io
blog.palcu.net
www.play-fore.com
www.poonmy.com
rauchholzlibrary.org
www.rayglassdesign.com
www.roamadz.com
www.robertgolawski.com
rsr.ge
rufiguty.com.br
admin.saltstayz.ai
bill.sbox.shop
www.simaofashion.com
www.stageio.cloud
links.stava.pl
link.sukoonawakening.com
dashboard.syu-sd.com
syu-sd.com
tarakeni.com
app.teachlegato.com
www.tryavo.com
usetaper.app
www.usetaper.app
www.webediaoffice-map.com
www.wnut.in
www.yawnnygames.com
business.stagmob.yodelit.co
youssefmoussallem.com
dashboard-stage.zkip.app
Other domains in certificate