Open
Cached
·
just now
92/100
SECURITY SCORE
Certificate Information
Subject
CN=askwillow.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 21, 2025
Valid Until
January 19, 2026
70 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B8:A5:5E:CD:AD:BB:7D:99:41:FA:AF:46:CB:F6:C9:EE:84:78:4A:26:AC:3E:10:94:AE:C8:4A:DB:22:3B:A9:8F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Good
default-src; script-src; style-src; +9 more
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Recommendations
- • Strengthen CSP by removing 'unsafe-eval'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.ninety.us
qa.app.ninety.us
benchmarkit.3diq.com
www.active-generation.org
adampalinkas.dev
dev.agroop.net
askwillow.com
invite.bankaks.com
belovance.com
www.billahern.com
www.biosbb.com
bitrif.com
manager.blumswear.ro
learning.bukhamsin.com
citysoftware.dev
www.cjdegreestoday.com
star-lifelong.co.kr
tango.colia.com
collabhour.com
crvlaboratorio.com
crystalpots.com
newhaven.culturalyst.com
www.cutiecollectables.com
davidgalindo.dev
www.delisles.com
dennisrankin.com
drmadhubhatia.com
ticket.e-ticket.co.jp
demo.easyday.se
endtheday.com
www.enhancedds.com
admin.eyeofthetiga.com
fc-yehuda.com
fenerama.dev
fivethingsthataregood.com
flemingfrancis.com
florafresco.com
fotoramausa.com
conexaoc6.grupomova.com.br
guulamog.com
hyrumtroop47.org
www.panel-dev.inclub.world
mozaikplay-stage-8.ischoolconnect.com
www.iskconkitchens.com
jonathanramyarussell.com
juangaviria.dev
www.justinjoy.dev
www.kennah.co
kiapartsconnect.com.br
kindnoise.com
kittycatbytes.com
www.km61.com
auth.koncept.com
lalocalshop.com
lerempla.fr
lobiancoconstruction.com
www.loudcurtain.com
luisbajana.com
www.marcuslowe.com
mariodujic.com
chat.martincheng0.com
push.mathematikoi.co
menbymail.com
mentanalytics.cl
company.miahire.com
app.mirrorfit.jp
misradror.com
bit.nginel.com
www.nordair.ch
nuine.co
www.overlap.live
oxesoft.com
palhuila.com
ta.peterolsen.org
admin.pickwings.ch
staging.principle.dental
projectcollaborative.net
qplusa.co.uk
www.ratherfly.com
www.rens.im
fire.ricardofreitas.dev
rileypeterson.com
www.rocketworks.io
samanthonymcgrail.com
seferovic-trockenbau.de
www.sigmaleads.io
dashboard.sila.live
waterbodies-dashboard.spo.show
www.stawd.ru
admin.sushibento.it
teamamaro.online
techbot.dev
thecodecrafter.dev
trivianote.com
www.tulo.no
dev.turtletank.org
vendservice.at
www.wizebuy.co
www.youthinc.mn
www.test.zeffi.dev
Other domains in certificate