Open
Cached
·
10h ago
77/100
SECURITY SCORE
Certificate Information
Subject
CN=beta.watts-hot.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D4:4C:B8:20:13:71:B5:53:20:F0:F3:08:F2:31:78:FD:A4:A1:4A:6E:78:23:C0:6F:70:26:B5:B4:32:63:83:68
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
karlesk.info
www.academmia.ro
donate-dev.homenoc.ad.jp
anuragbhagsain.com
app.awayfrom.uk
aytdm.com
www.betparty.app
signup.boo.world
braid.tech
bestellen.cityfood-marl.de
www.clinking.net
clops.cloud
app.cluborg.co.uk
www.codeforbrands.de
pathfinder.darkmane.me
app.desenfila.com
developmentunited.org
saude.edocol.com.br
www.fridg.app
excelportfoliometrics.fundwave.app
dashboard.gl-security.nl
www.gmverse.studio
everest.guidaevai.com
links.guilfordsuccess.org
beta.heyalfie.io
dev.hisaabkitaabapp.com
yagurastation.honigwachs.de
app.hooplifebasketball.com
www.hotel-bambu-canoa.com
www.hotroadsolutions.org
interactivaagencia.com
eta.invodia.com
www.itsrudecat.com
firebase.qa.justuno.com
api.kaffeeroesterei-magdeburg.de
www.khizar.dev
configuramkp.kioscodeseguros.com
admin.dambulla.kopark.io
korrekturmanagement.de
zamp.sheone.kpeyes.app
omukae.kunimasu.com
www.leftcoastoverland.com
admin.ludovino.app
pv-link.lukb.ch
dev.about.magnesconnect.com
premium.mamanoko-staging.jp
vertex.markangelohernandez.com
pf.mbks.io
mdln.fan
erikson.medianochelabs.com
miraauction.com
www.moneycl.app
moniapps.com
www.motoclan.app
chatlet.mrgames-server.de
dashboard.nameshift.com
nickx.hu
nisar.co.uk
qaadmin.outreachmantra.com
www.paolomainardi.com
partiful.us
test.peak.flights
quiz.pervoka.com
www.pira-lago.com
admin.pixapup.com
www.plussixfive.life
www.proinhvac.com
projectauga.com
pwny.win
quieromi.app
epex.re2fe.com
reelitapp.co.uk
www.riantono.com
stg.test.admin.rival-basketball.jp
www.robdenman.com
www.roboticimaging.io
accounty.rockypardo.com
www.salonlolitarestaurante.com
www.saveytm.com
www.seanjohn.eu
link-test.sexcellent.app
www.shahiana.in
shoutgif.com
footprints.spectalite.com
spelezoli.lv
stuckinarut.rocks
web.thecheckin.io
thechrisross.com
mijn-test.toegang.org
trevorandkate.com
truckersbuddy.net
cms.vc360.app
linkuat.ffm.vic.gov.au
backoffice.voveid.net
www.vtube.stream
beta.watts-hot.com
we-balaton.com
auth.wellnesskliniek.com
workaxis.in
beta.yadada.app
Other domains in certificate