Open
Cached
·
1m ago
77/100
SECURITY SCORE
Certificate Information
Subject
CN=weedus.ai
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 18, 2025
Valid Until
December 18, 2025
40 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7B:A9:DA:F8:5A:38:55:F0:A0:D7:A6:AC:B5:EB:2C:E2:9B:3B:B6:AA:DA:F8:91:41:D0:8B:1E:63:AC:8D:E9:67
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
sandboxsampler.com
demo.sp.bettersure.4-sure.net
meetings.akpartners.fr
www.alelken.in
office.aynama.org
hope.baseph.com
ben-wolfe.com
bronxvisioncenter.com
www.buro.lv
alunos.caioizel.com
www.chigshvaenterprise.in
staking.chillbear.club
www.clickpay.bo
www.cmglobaltrading.com.ar
moriarch.co.il
rice.codeskulptor.org
www.samipcrestha.com.np
iris.gmall.com.tw
painel.correcaodesolo.com.br
crbalconesdelacarolina.com
app.digestly.ai
my.digitalagenda.app
www.divine.online
douwez.dev
app.driveflexcar.com
rizoma.ecredito.io
cms.ednalabs.com
analytics.app.educobot.com
eduyaari.in
quote.erabond.io
launcher.ericnahon.net
ethosgames.xyz
www.expressdroptaxi.in
chat.figueira.cloud
fikadrip.com
www.gartower-weineck.de
globalberries.cl
globalhealthcoreinc.com
pay.commerce-vision.gr4vy.app
app.growltv.com
admin.dev.hairtect.jp
hangtok.com
hayahaytravels.com
healik.ca
www.healik.ca
helloyobo.com
www.humaka.ro
nkd.id.vn
interm3d.com
booking.invoay.com
chapitre-admin.kards.fr
hotel.kattooz.com
qs.kumunua.kr
kyleglasper.com
dev.layopay.com
hk-traffic.linkingapp.com
planeoapp.mareigua.co
www.mobifrota.pt
yinthway.myancare.org
myflag.co.za
natinet.net
nebikiquest.com
www.newstickerapp.com
www.nikhilnanda.com
one-step.io
hmgoneapptest.p-e.kr
dev.p3p.xyz
palamarta.com
bestellen.parma-gladbeck.de
firebase.passpass.org
app.pigmentapp.co
auth.pricetillt.com
reach.rapo.app
simplewallet.razzo.ar
timetravel7.play.realdgame.jp
realmenchoose.life
riddlerace.app
fiscal.savantpayments.com
embed.sceneopsis.com
sciencecolors.com
thanjavur.selvitravels.in
medicion.slared.cl
snaylo.com
www.softytravel.com
solidcore.cl
sphenome.ai
taotau.site
the-field.world
thlabs.eu
www.unluckycricketgames.com
beta.venturewallet.co
vexasystem.com
vexasystem.com.br
veyraapp.com
amomic.vinitrajputt.in
nfts.vistafinance.io
www.vitaosuspensoes.com.br
wecode.io
weedus.ai
yedra20.es
Other domains in certificate