Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=donotdraw.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 06, 2025
Valid Until
March 06, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
19:07:95:A0:C5:B2:9C:7F:43:F6:54:51:87:A8:CC:2C:6B:D2:81:90:8B:56:D3:73:BA:C5:C6:CB:6B:BD:A3:86
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
soup.sifted.recipes
cabinet-modcon.3dcloud.io
xeatech.abcd.ar
abhishekshinde.tech
abovecloud.tech
admin.almostperu.com
amadorcf.es
anchala.us
andysoft.com.mx
aquanet-kurashiki.com
automotrizspa.in
being-japan.com
briand-jardins.fr
plataforma.brokker.com.br
caliring.info
www.casaucao.es
www.certisep.com
reviews-dev.chatleadspro.com
www.chickashamugs.com
chitrascope.in
centennialcitizen.column.us
gestao.conectadamiao.com.br
www.consultingoptimus.com
www.corazoncoffeeroasters.com
www.decimoapp.it
www.degeneosis.org
donotdraw.com
www.driveb.com.ar
tech-app.ds-aht.eu
www.ecuestre.digital
www.eg-studioworks.com
app.feeling-match.jp
admin.frissegedachtes.nl
fruitz.io
futureprobe.xyz
getjuly.com
status.hellofresh.at
www.adipometria.hosand.it
hotelgig.net
admin.idlworkshop.com
dev.immodigi.app
immunizationplanner.com
v3-punchkingfitness.impactwrap.com
pwa.in-fila.com
internetcheck.org
eci.onsite.invue-live.com
test3.itstrending.in
live.jetronics.ae
jfmoveis.com.br
kirktongroup.co.uk
kozaonline.de
larsatle.no
individual-osobne.lectorio.cz
stg.lo-beam.com
dailyy.mesawer.com
emails.mettle.studio
app.minkommunapp.se
davinci.nba.com
www.co.nextclan.io
nk.gs
admin.hypenation.optimasysdev.com
www.paedspro.com
game.peave.jp
test.admin.petalhive.com.au
www.pinajob.com
www.presidentsclubcelebration.com
app.production.pro
ration-checker.com
app.reblood.com
www.rentfully.co.uk
rfrweb.it
www.rinkclic.com
www.rivuu.com
www.rkstudio.net
rummycreed.com
www.sagananuts.com
www.santiagosaavedra.net
www.shotlytics.io
signsbydesign.co.uk
dev.smartlena.com
www.snugshields.com
www.spinoza.io
app.supportpoints.com
bodagonzalezasuncion.swanmoments.com
tacticeps.com
tandemstudio.fr
www.teaminglis.ca
auth.task.tech-ascend.com
thenudg.com
mksvrcek.theproductroadmap.co
www.tiketkerja.com
tillingcapital.com
dev.totely.in
www.transitodigital.cl
www.ufast.co
unixuuid.com
static.vargas.ooo
votingparliament.com
wandernllc.com
support.zazpay.mx
Other domains in certificate