Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=rotacerta.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 19, 2025
Valid Until
February 18, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
89:EB:2B:E6:EC:EC:77:A9:C2:8E:52:0A:71:70:36:4A:EA:2C:E6:09:1C:F3:59:9A:4C:0B:0A:5D:EF:2C:57:39
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
techauctioneer.com
live.aku.edu
firebase3.andytruong.dev
atomnest.com
bellasmission.org
bvm-spielplaner.de
www.candyfighter.com
chessexpert.io
cocktaildb.app
deeproai.com
deparkstad.nl
campaign.develop-homehub.site
q2-myaddressbook.dpd.co.uk
e-seqr.com
chrome.earningsahead.com
admin.easeyourlife.in
unlimited.easysignage.app
test.ecg247.com
www.edukun.com
crm.eksaq.in
www.eloscloud.com.br
www.elvismoyo.com
www.ltec-ctdf.eng.br
admin.fotekmex.com
gearupp.is
www.gloriaglobalventures.com
www.goldenleapschool.com
shareimp.goodapp.in
dev-deeplink.healables.ai
uide.helight.dev
inichepro.com
innerblooms.in
inprose.biz
intricai.com
ire-view.ai
www.javos.dev
link.joinable.us
www.joyngjingru.com
juevh.com
app-uat.k1driven.com
demo.kasoft.vn
kin-kin.ch
fb.kmplex.com
dev.kyberoppi.fi
supercumulo.laniakea.tv
lingovu.com
bulkorder-test.locationinventory.info
magicspinlaundry.com
admin.mart48.com
www.michaelolich.com
laporanbank.my.id
myalias.page
www.nationaljamskatingleague.com
offlineads.in
onemuri.space
www.pavafetch.com
pikadroid.com
pikadroid.dev
www.prediciendot.net
www.primeleads.in
app.proper-ly.com
holasegapp-dev.proyectosyseguros.com
app.quizpoker.nl
www.radsinfra.com
www.rajamohan.dev
rajaoren.com
www.revitalisedsolutions.com
www.ricardoac.com
nue.rosversity.com
rotacerta.app
connect-ng-carrier-admin.rxoconnectint.rxo.com
links.rxphoto.com
wedding.sayandas.com
www.staffsync.scalingsmiles.com
www.schneiderei-olga.de
www.scrittocon.cc
www.shavittzuriel.com
snapcup-test.softwire.com
chengalpattu.ssddroptaxi.in
kanchipuram.ssddroptaxi.in
namakkal.ssddroptaxi.in
ooty.ssddroptaxi.in
viluppuram.ssddroptaxi.in
sufftopia.de
base.swifthomework.com
slots.games.tetherstudios.com
thedoorstory.co
applink.thegameium.com
www.tigerbrandapparel.ca
orders.trulysofas.com
tsotechnology.com.br
success.twentytwod.com
track.urbaner.com
videorespond.com
mission.stg.visits-innovators.com
links.dev.voice-pococha.com
app.voltagepowersolutions.com
app.yatriapp.in
corsunskymore.zertidocs.com
zimo.pro
Other domains in certificate