Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=watch.rupupu.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
February 02, 2026
Valid Until
May 03, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B5:8D:42:BB:21:D3:15:A9:A5:6D:5D:14:F9:D3:F9:F8:22:5E:97:13:AA:D6:F7:0F:DB:BA:77:D3:9F:B5:47:87
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
test.apollofactor.app
a-p.ro
redirect.acatar.pl
974tailoring.algoramming.com
www.974tailoring.algoramming.com
www.anexo3contabilidade.com.br
multibridge.angeldao.org
salesbalros.appnobis.com
app.auditpilot.io
ngsprekanchanhcloud.auxswot.com
beinspired-ou.org
www.brainpath.in
bunfan.games
www.bytelinktechnologies.com.au
cenazlata.si
hall-of-mirrors.charlie-richardson.co.uk
cheekypixel.dev
clypto.in
www.coinmetrica.com
mobiledev.gim.com.bd
lazicgroup.com.my
www.cyl2004.com
d4-d5.net
www.dapanalytics.org
pfg.dominos.ma
dota2skirmish.com
drivees.com
link.epicapp.ru
eqlty.co
fahrplan.ergo-bankler.at
www.estudio.app
ethanmauk.com
www.fidtech.ar
seuboletoc6bank.flexcontact.com.br
hfp.fred.monster
www.gamenotfound.com
www.glynfinck.ca
www.goodfoodcoop.org.uk
hfccoin.org
www.hollyjfitnessapp.com
hygieia.app
coopertaxi.ideiadtc.com
api.staging.illust.space
devv3.inseat.menu
xprcolumbuszoodemo.inseat.menu
app.isoconnect-stg.com
www.itrauma.co.za
jkb-development.com
24planner.kaalkode.com
backend.key2access.com
kimishaluxe.com
langenius.top
linguaway.com
uploadinfo.lottefinance.vn
premion-console.madhive.com
www.makoto-investments.jp
staging-script.mandera.io
matthaddon.org
minesafevr.com
api.myol.xyz
energyandenvironment.net.nz
www.newsprovenanceproject.org
www.olmezsozluk.com
pedestriandeaths.com
photon.software
beta.pointshop2.com
engineering.polymerize.io
my.progressor.app
app.trustedutilities.propertywallet.co.za
link.refcome.team
rehobothbaptistchapel.com
rexiliamary.com
www.rexiliamary.com
watch.rupupu.com
shop.selflane.com
sofa-guenstig-kaufen.de
www.sologt.com
sparkstmc.org
auction.spectors.in
portal.spree.co.jp
www.stefanvott.com
app.stripcss.com
public.stx.world
www.tagbr.net
chooser.tappiola.co.uk
theloftvideo.com
tilequesurfaces.com
cdn.core.timeedit.io
timpweb.com
www.tradeeasy.com.au
www.vacay.live
www.valtteriskog.fi
watchlist.dev.veritone.com
crm2.vhci.ro
test.willowoaks.com
xlerin.eu
www.yesyep.io
yorga.team
www.zacharyinserra.com
app.zhylar.com
Other domains in certificate