Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=cross-otc.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
40:94:BC:8C:CF:F8:A0:FA:12:1F:6E:82:F0:9E:37:CE:A7:05:7C:D9:22:DF:3D:DE:AB:60:E6:4C:40:C3:6D:1E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.abuidrally.com
user-dev.1kmwine.com
share.3plus4.io
app.42hacks.com
a1supermart.in
www.accordle.nl
www.alexdisdier.fr
assi.alias-solutions.net
www.aloksi.com
amidy.love
www.appdetonator.run
axiumrpg.com
www.bestella24.de
bitrotsoftware.com
booking.caa-ahm.org
admin.chefgo.app
communitymap.online
app.credit-agricole.it
cross-otc.com
crowdsports.tv
cuatrocuarenta.es
data-sport.io
www.deeptechsolution.top
www.defiantware.com
www.digisailor.uk
djellabi.fr
dmarcellolandscaping.com
dmasaurus.com
q1-mypreferences.dpd.co.uk
deeplink.drpro.app
grq.e2eagency.com
dr-abedelkareem.e3lannat.com
egfp.ie
egroups.ele.vc
auth-form.emad-abdelmaksoud.com
www.ez-engineering.it
fhssoftware.com.br
beta.admin.foriu.mx
fortum.fr
www.gebr-esposito.ch
www.gemuki.com
dustyderby.geniesoft.io
api.getinvite.co
tailieu.ghncm.vn
www.iceproofarctic.eu
hoangnkd225130.id.vn
indialogist.com
inno-tech.dk
www.inventory.kanban.inrvatemedia.com
iv-code.io
kissaki-japanindustries.com
link.livelix.com
www.local-elves.com
mad-it.nl
www.milicone.com
musettaartstudio.com
colorextract.nabilamerthabit.com
netwavejo.com
auth.onlinesecurityext.com
paperplain.io
tokyo2020.pirika.app
affinity.portfoliolink.co.za
www.print-pack.hu
staging.probuild.app
gtm-adviser.project-g.co.jp
promatiq.com.au
prose-insoumise.fr
app.quislab.com
www.randywebbmemorial.com
www.readytoshare.nl
albi.recursyve.dev
renewable-energi.com
app-dev.us.setkeeper.revolutiones.org
rezept.li
richiesoft.com
www.sergeibalakin.com
admin.shipal.co
www.shuo.jp
siftedrecipes.com
querencia.bioponto.sistemasnemesis.com.br
sitzenenterprises.in
www.starttakingaction.com
strip.cards
tabilly.dev
dev1.taiwanviptravel.com
tattvadynamics.com
www.technokingtrading.com
app.teereach.com
www.thpent-global.com
throughmylens.in
admin.timeo.tech
www.tommyvanpham.com
do.truted.com
admin-stage.ulozdoklad.com
userpath.sa
vickyboutique.com
vipulrojasara.com
stag1.app.wakuas.com
links.app.waregem.be
overview.yoojis.com
Other domains in certificate