Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=dev.cotti.eu
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
50 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
60:75:D1:C3:04:63:7A:D0:BC:93:66:5E:B7:B6:26:B0:26:58:A7:D6:83:16:BB:88:93:D6:E9:66:66:6A:94:47
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.internhs.com
circle.9lessons.info
abhishekrazy.com
aitechnologies.nl
geometric-squarefeet-demo.anagraph.io
arsogrowth.online
www.atelier-law.com
qa.aureliuslab.com
azndo.net
www.baumanntennis.com
staging.birthdays.email
www.botify.ai
caryon.in
churchteamsconference.com
fr.ayo.co.id
collegeseeker.net
admin.nhaphangtaobao.com.vn
dev.cotti.eu
crazywok-mainz.de
customerchase.com
ehudtamir.com
www.ettp.lk
fabianfried.at
fabiendorey.fr
www.fairyzz.com
falconcraft.club
firefanfic.com
www.firefasting.com
friends-catering.ca
premium.game-cards.app
assets.gofloaters.com
googleaistudio.in
heberlein-kraeutertee.de
hortaburgerfest.es
www.howiegoing.com
link.huli.life
app.humantal.com
idiotsingames.com
oryol.innotopic.com
kodamacorporation.com
krutiverse.in
www.latourneedesproducteurs.com
accountant.legalemirates.com
dataroom.legit.health
listfinite.com
api.localino.app
manjarydanceacademy.in
www.matchem.app
mathematiqueschool.fr
www.measuremate.xyz
www.goettems.med.br
api-metis.meuportfol.io
mobile.mimoo.dev
www.monkdiaries.com
kulinerkita.hakimyusa.my.id
www.mylptprofile.com
admin.myworship.co.za
documentacao.neogrid.com
www.newwaygroupcompanies.ae
www.novablitzhq.com
www.orionsphere.com
otfort.com
staging.otorihub.app
brite-site.pharox.io
lawcoin.prachakij.com
placemaker-dev.qworkly.com
resto.guru
rodent.club
rosswittenberg.dev
www.salusmedical.cz
www.simaec.net
simransingh.in
skylyx.tech
admin.slared.cl
assessment.staging.snowmonkies.com
www.softtouchpainting.com
yetiscratch.sqwadhq.com
writer.storycircle.studio
www.sumico.kz
syntactico.hr
sw-shop-ca.tech-scheduler.com
telekineticindustries.org
tiasenergy.com
registro.tiendex.com
tesla.time-lapse-systems.co.uk
timestalk.in
tooneytoonztv.com
brian.tosch.com
www.totemocode.com
totsguideadmin.totsguide.com
events.transparencywise.com
traspasa.cl
staging.triplewhale.com
dashboard.uricall-stg.com
urstartech.com
www.wex6software.com
whatsmyshopifyurl.com
baixe.wisemoney.com.br
wishme.dev
portal-mecredita.xptoconsig.com.br
Other domains in certificate