Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=www.thespotsapp.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
April 26, 2026
Valid Until
July 25, 2026
74 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
54:5D:FC:CB:6D:5B:D8:02:13:8D:CA:81:56:39:03:E5:31:E3:BD:F1:58:B6:C5:72:03:C1:1B:A4:78:32:4D:3F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
jinniex.com
10mado.co.jp
dashboard.42puzzles.com
ai-product-launch.com
www.aksasakaprioritas.com
qatotem.appshare.com.br
artilas.app
astralresonance.com
www.atlaresolve.com
www.autaknow.com
totp.bartkessels.net
www.brantasy.com
www.bueccs.in
enterprise.caseacademy.ai
billing.centrulminerva.ro
chargelink.com.br
www.chaturvediji.com
circuitcore.lk
www.conjuntobrooklin.com.br
diegojeptha.co.za
doisnaoito.dev
drlakshambigai.com
dtiservices.net
elevator-playable-ads.html5.emallstudio.com
charla-git.eximiait.com.ar
fitandhitlife.com
www.portal.futuretechniques.com.np
registration.geeksloft.com
www.goodguysacademy.com
start.gotosherpa.com
lm.greentechno.ca
gridexlabs.com
hoh.lc
pb.hope-xxl.com
v.hudhud.tech
admin.humantrends.co
acceptance-widgets.input4you.be
learn.itman.ph
jcscrackers.in
jerryduncan.dev
jongtronics.com
sic.k-9apps.com
www.kamioncloud.com
kidolingo.com
loan.klinq.co.in
app.klivvr.com
www.konato.com
korgi.sbs
demo.leasera.com
cv.linkwodin.com
www.logicaljupiter.com
www.lukat.pt
www.maryonolaw.com
rackcity.megapos.store
melon.guru
www.mikuno.ch
sofa.mobilenext.eu
morisraely.co.il
nadjaundloris.ch
www.ntsgroup.it
www.ofenstaunen.de
www.ohhandy.com
orask.net
trace.orijin.io
www.petalsocks.com
webapp.photomate.eu
pixelcat.jp
pochtasamdu.uz
www.primaria-ungheni.ro
app-dev.prixm.com
www.quantcreative.ca
cpanel.rcloud.dev
app.rocketbeet.com
develop.app.rocketbeet.com
www.rockitremote.com
saambili.com
sandly.app
saranmahadev.in
www.serwismobilnytir24.pl
developers.sipay.es
softpark.kr
softspace.dev
suwanneecouture.com
www.taraandphil.com
www.thekingsleycollection.com
app.themedalz.com
apps-sit.thesim.com
www.thespotsapp.com
torontozenmusic.com
tronicdistribution.com
www.trustmailservice.com
pantalla.tutto.gt
www.dashboard.valuationadvisor.com
vladislav-lagutin.ru
wedevnow.com
www.willthomaspierce.com
admin.winology.app
fun.wsxnyc.org
wolfapp.zaxnet.it
romina.zzivi.com
Other domains in certificate