Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=apexsportsandcrafts.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 16, 2026
Valid Until
April 16, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
10:AC:FA:28:F5:A8:59:00:B6:E2:84:0A:25:DB:DA:5F:5E:4C:26:E0:6E:91:F5:8E:B5:7E:03:3B:7C:2E:45:22
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
rootdigital.com.br
www.20questions.app
laz-sectional-test.3dcloud.io
www.acchaudhary.com
app.altavine.com
auth.dev.althq.co
www.amperka.com
amsozzer.com
apexsportsandcrafts.com
aplicativovendamais.com.br
h3.energia.app.br
mobtest.appframe.at
larrea.biobarica-medicina.com
www.blurryrobot.net
cullai.bookmyshoot.net
oneday-photoshop.bricksbit.com
warranty.brtsys.com
brutto-netto-grenzgaenger.ch
admin.bythebookthebible.com
calypsosekore.space
mta-sts.cat222.jp
cheapshot.co
stage.cincylocalandlive.com
www.cutleafstudios.com
www.deliverysales.net
denes.io
lights.dermaddis.de
www.devemg.com
digitalcoder.in
dlouhy.io
dominiksipek.info
e-dax.com
edh-league.com
educanet.si
eggstradelight.com
www.admin.engineersinsight.co.uk
entropylp.com
ephemeris.me
fasatec.info
filipolender.pl
www.gatellm.com
get-gs.com
basic.getblood.com
auth.godmightsay.com
www.ontime.gostartdriving.com
carefijiportal.digitalfiji.gov.fj
www.gowtix.es
grahamrex.com
www.hammondtruckingllc.com
www.hanzigraph.com
movies.holymist.com
www.hragayvazian.com
hrmnt.com
www.huh.so
social.jacksonfrankland.com
www.kamodamusic.com
store.kuukuup.ee
banco.kziete.cl
mbti.labj.cc
playground.labj.cc
liferpg.lonski.pl
mangainfinity.com
miovino.io
moab.dev
www.morkor.studio
motive-force.com
report.mynt.in
travnik.myphotopal.shop
niallg.ie
omnitrackr.owlair.org
parksidelegal.com.au
sso.stage.platoon.fm
poiqa.com
www.portalferiados.com
staging.app.proinvoice.co
ravishankardubey.in
online.games12.rf.gd
ocenmart.rijoan.com
rizkysaputro.com
www.rmend.app
rogercarter.co.uk
rxclub.us
www.skyedevices.com
smartkeyplatform.io
sodientu.com
admin-test.sorafinance.com
sumabitcoin.com
www.thebeatrixgirls.com
thepathofyogini.com
domus-entrenamiento-y-salud.timp.io
toppy.market
staging.tradesee.io
www.trashfusion.info
www.trueorfalse.app
www.twopia.com
universaltech.io
app.v-system.cz
vitaaesthetics.co.za
wonatti.es
www.zeusgroups.com
Other domains in certificate