Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.otospector.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 14, 2026
Valid Until
April 14, 2026
80 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
85:79:4C:02:53:FA:9B:F6:F4:27:DC:E3:A4:18:88:35:85:D7:25:D6:40:7D:33:F0:E4:42:54:57:12:40:17:86
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
storyloop.com.mx
airfieldmemorialunion.com
www.airfieldmemorialunion.com
airfieldsrwc.com
www.airfieldsrwc.com
airfieldstanford.com
www.airfieldstanford.com
www.alphacarcover.com
www.ascendapp.co.uk
askzuppy.com
www.askzuppy.com
bizmarketplace.co.uk
byline.fun
dev.came.live
carpoolschedule.com
www.concremax-gt.com
controversial.gr
www.coursengage.com
app.crewrun.com
dailythings.pt
www.danielobima.com
admin.dashport.run
b2b-dashboard.dawsat.com
www.devhack.co
www.digitxtra.com
ellenandbertie.com
loopy.emosewa.com
empathica.com.co
ethkaa.sa
familyholidaymovies.net
flappystonk.com
flipclocklive.com
direct44.fsg4dentists.com
fundsnetwork.ca
www.gclg.ie
glassmaytes.com
shodh.godbolekul.com
goldenledtrucks.lk
dashboard.gonjoy.asia
harnois-prouge.com
d-meter-demo.hidroconta.com
howtotalktowhitekidsaboutracism.com
hybridaquatics.com
ikka.ai
operator.innocept-mobility.de
sarefibramacquariemexico.inter.mx
crm.irecman.com
biz.iworkie.com
jan-fv.de
jobbing.pro
joseddo.com
www.jummahprayer.ca
nexus.ksaai.ai
studio.corepaypro.ksaai.ai
kulnois.com
labbitspace.com
legalaliiance.com
www.linuxtraining.ie
liveincharm.com
fortune.luckytilesocialclub.com
mathup.ai
streats33.megapos.store
metisprism.ai
metisprism.studio
app.noleggy.com
www.novaevangelizace.cz
nyapplab.com
www.otospector.com
palmalabs.com
www.payd.me
poedagarsgo.com.ar
profixplumbingandmore.com
www.profixplumbingandmore.com
terraforming.reblochor.dev
kiraniaga.rollingpay.co
sarah-werther.de
shwetascricketcanvas.in
www.smbcircus.com
somosidiotas.com.br
customer.sparkstamp.ca
sprd.ink
eco.tajiribe.zone
script-wf.taleez.com
staging.tera-pay.com
tera-pay.com
www.thredzit.com
tracksevyn.co.uk
tracksevyn.com
twentyheim.com.br
www.unasich.cz
auth.useomnyxai.com
appstore.vanyasem.ru
www.vegstreak.co.uk
video-qr.com
app.engage.ceebee.voyagernetz.us
vyhledavacexekuci.cz
www.xlcarepoint.ca
www.xtremefrost.com
www.yellowbin.africa
www.worldfolio.ylab.app
Other domains in certificate