Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=lacrossewatch.de
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
37 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
08:90:3E:B2:28:F5:4B:33:8F:7F:56:4D:33:87:F8:FA:34:2A:E7:0B:47:EF:83:19:FC:9C:C4:FF:C5:09:E5:8A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
matthias-schmid.de
aadiyatradesolutions.in
www.aadiyatradesolutions.in
job.adamhitchens.com
adrianogroup.it
www.akaritree.com
firebase.core.appelevate.cz
farmacianacional.appshare.com.br
outletlingerie.appshare.com.br
aps-ltd.co.uk
www.artmuseo.app
image-to-svg.as-a-service.dev
www.bascope.net
bioliving.it
boginni.net
hokm.casinopersia.com
cicesspert.com
batdat-demo.circuli-ion.com
democlaudominicana.clau.io
www.cloudmason.dev
admin.integral.com.py
comfenix.com
commission.art
arasanz.configuradordeco.com
exchange.containergo.vn
coronacountdown.app
surveys.cubesp.com
www.despeurtocht.nl
thespot.digitalbithub.com
staging.edisoninteractive.tv
educa-pilot.com
eeccontractors.com
elearncert.com
eventmage.com
web.evolist.app
www.fairyexperiments.com
www.fessior.com
firestoneandparson.com
salesbyhoist.flodataanalytics.com
folks.dev
economato.mpftucuman.gob.ar
www.gojiberry.tech
pms.nigcomsat.gov.ng
ccrcd.hyphae.net
www.ibrahimadr.com
initios.in
invitus.id
jusander.fi
www.kalendarz-motoryzacyjny.pl
www.klikkie.be
admin.klubbappen.se
www.knockoutleaguevr.com
lacrossewatch.de
legi.one
likelikes143.com
spaceteam.madebymohd.dev
www.meh-yar.com
www.ninjacows.net
ofukidoma.org
operator.app
basfwebinar.owncast.live
padi.team
pa.sase.paloaltonetworks.com
yllee.pe.kr
www.wokyou.pedidomovil.es
perymeter.com
phumbl.com
my.pingoo.app
pohr.info
addlicence.point-star.com
iac.processshop.com
rebu.app
reciclapay.com.br
renaserfinanciero.com
www.esports.ronne.dev
www.safike.com
skilltech.team
expert.smartplanthome.com
royal-legal-solutions.solerabank.com
sparkien.com
www.spiceapp.us
deeplink.startimestv.com
pay.straetus.app
dev.thaiqrmenu.com
torneodecompas.com
orderhistory.uricall-stg.com
www.valleyvotesproject.com
adjust-huay.vertion1.com
www.vhdleditor.com
vidyaportal.com
www.villa-nocturno.com
superialwalls.help.voyansi.io
whale.vision
www.wisd.io
single.with-marke.com
www.wog.gg
am.xploit.ltd
www.youmatchwho.com
www.zahaumusic.in
zidanpk.com
Other domains in certificate