Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=shop.hweb.wine
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
55 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
63:CF:2F:C9:05:D0:A4:DB:75:71:13:9F:A1:63:46:00:7F:72:C1:82:40:21:81:DC:6C:AB:45:D3:11:0B:81:84
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
thepetdoor.asia
adultslearnuganda.org
akshayapatramealorders.co.uk
www.aminotros.es
awakentotheworld.com
www.bananasplit.cash
cagehunter.com
link.camile.co.uk
www.caossuits.com.au
www.chanonmanojit.com
tioyeyo.clau.io
sasconsultancy.co.in
www.cyoptic.tech
hs-classifier.digicust.com
www.djeliba.com
pickup.dpd.co.uk
baseball.draftkick.com
admin.dresez.com
edupoly.com
www.erfenispublishing.com
www.exaess.com
fghsoftware.com
flappycopter.com
flore.directory
flownote.io
freshcatchapp.com
ft-flow.com
fullviewapp.com
www.gameservice.com.mx
www.geisonszo.com.br
guestcove.com
hasmetalmakine.com
www.hcaccel.com
www.heshdesk.se
b2b.hr-me.co
shop.hweb.wine
ikonikdesigns.co.uk
dash.instaviagem.com
invitem.online
jemendoza.com
joshuaopata.com
test.liveinahive.com
www.loweffortnouns.com
www.madtrenz.com
pwa.maimarae.nz
malayicha-zonke.com
mariacameliarestaurante.com
biomerieux.meduller.com
www.meetsalty.com
property.mesbro.in
www.midknitecreation.com
mitestdigital.org
mudhousekanthalloor.com
member.mycirrusdental.com
pro.mystar.io
staging-webtests.neurotrax.com
newnumberapp.com
nexttrip.nl
nickhayeck.com
ollmannproperties.com
olorin.tech
patricklandy.com
peixinlee.com
pillys.com
qdrix.com
www.qdrix.com
riseupbakerydc.com
risop.com
roycat.lol
saunaku.us
www.dev.savout.net
connect.scoreholio.com
sflivebus.com
shurjobangla.org
www.shutupandmakememoney.com
auth.test.sitch.app
azure-demo.snapmentor.no
www.spectiv.tv
www.spokanechiropractic.com
www.spotifyviz.com
stockingsapp.com
tap2doc.com
iedc.tedoratech.com
shukatsu-type.tm.tekkatsu.com
the-bellemont.com
store.tikpage.com
test.kolpo.timyst.com
register.totalcarechino.com
travel-to-lanka.com
app.tymit.com
m-asyncinterview.ur-nl.com
parcels.dev.utah.gov
vailcomedyfestival.com
vihangarandeni.com
www.vorzeitigzurpruefung.de
wasisvr.com
wavers.io
wheelsbybolo1.com
wrestling.com.br
testdlink.xtribe.com
Other domains in certificate