Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=app.watermarkhere.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
April 17, 2026
Valid Until
July 16, 2026
71 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0C:3C:22:94:A4:0D:D4:B9:6C:47:92:B9:78:7E:6A:22:C2:46:AF:12:16:65:EE:C3:26:41:83:9B:21:E9:E4:72
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
insch.app
dash.000105.xyz
8digittax.ca
mick.abelanski.dev
ai-agentic-systems.com
airfresh.com.pe
aliamin.me
ad.anvix.in
adwork.anvix.in
anxiousatbirth.com
manasa.arukala.io
askravi.in
www.baptisteditte.com
beyondaico.org
coachhippert.com
deilive.co.jp
auth.digitalex.io
www.dipankar.co.in
admin.dorsalhealth.com
onebet.eaglemobi.link
easypacksimulator.com
web3-dev.emendes.com
www.estudiolivera.com.uy
finanzapro.ezdev.io
www.familychecklist.app
fiscalityconsult.be
www.flowfocus.org
www.fontsolar.com.br
geektrainer.dev
genesisrust.io
geolyth.org
goutamghosal.com
admin.guiasfundesa.com.br
hdsi.co.in
test.hibble.co.uk
www.hochzeitsautoschwerin.de
www.ianlabs.net
iassystems.com
www.iglugt.com
investaflow.com
ipermis.app
iqgstc.in
learnvim.irian.to
www.jayjootar.com
www.jburchard.com
www.jenova.ie
jyothigroundnuts.in
kalmstead.com
keytechnologies.in
nday.kitanga.dev
www.knecht-reisen.ch
www.ktern.ai
kyletrocki.com
leivakodu.ee
app.liunice.com
ajinomoto-north.logivan.com
lululiu.xyz
manalyzer.online
www.mattbendel.com
xlive.meulen.dev
frfirebase-c3.moboreader.net
modrix.net
moneytize.me
futsalpine.ndorigatti.xyz
numiacentrointegral.cl
foos.ogaspaas.com
okkrut.com
ecomuseedufiermonde.ondagoapp.com
open24seven.co.uk
program.ostrakon.cz
paisa.tools
ge.parkalot.io
telescope.poseparty.com
testlab.profitanalyser.com
dev.radarsucro.com
redvpn.me
www.redvpn.me
robveith.com
roundrobin.rrish.org
www.sanskritiglobalschool.in
siplycrypt.org
smart-crop.com
soetard.dev
stargovision.life
nati.sterv.com
www.stuckyi.studio
superfps.com
dll.teledentix.com
docs.procon23.thangved.com
bombaydoor.thediners.in
resilience-verification.theprojectfactory.com
auth.tly.at
www.translinkglobalsolutions.com
www.uaecartrade.com
vannalamobileapps.com
viamusica.shop
app.watermarkhere.com
webramp.in
www.zenmovelogistics.com
zentus.cloud
Other domains in certificate