Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=bovitzpaneltools.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 06, 2026
57 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3D:D2:7C:B5:29:A1:B6:C3:7D:77:1F:F2:28:56:9A:2B:2C:F8:9F:87:BA:F8:02:69:6B:45:CF:A3:1B:B8:50:EF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
zimmsolutions.io
aboets.com
app-sta.aboutfishing.kr
livla9.abyssalis-aquos.net
alexwks.online
thoothukkudi.anbudroptaxi.com
anthman.com
docs.argos-solutions.io
wbasp08.as-protection.de
www.automathtech.com
app.beyondboundaries.app
www.bilgiciftligi.com
link.bizopsapp.com
bleeps.wtf
shinggg-dev-admin.bluefever.com
bovitzpaneltools.com
photochallenge.bradbieselin.com
www.bricrews.com
devapp.caazam.com
business.sat.cambri.ai
www.cancelamazonprime.com
carlbednorz.com
unmatched-css.carlosagosto.com
hsindents.com.pk
masaru.corntech.com.mx
www.crossdomtest.com
listanascita.davidecampello.app
blog.deconseil.com
defiantware.com
www.domki-barany-elk.pl
www.downwrite.com
eastwing.aero
ess.empleocoparmex.com
ferremates.com.mx
firewards.com
flyingdog.club
www.freeiphonesgifts.com
fromzodi.com
s1.congresoqroo.gob.mx
heckmanhauling.com
helpthedreams.com
hd-dev.hexiradigital.com
dinhtiencanh20224932.id.vn
app-links.indoorskydiving.app
staging.jetsyt.com
auth.joinentre.com
www.kamytech.com
offers.kilimanjarotrekk.com
www.kiokucards.com
www.kmzn.dev
deic.dev.app.konch.ai
app.koronis.cc
accountant-homolog.kwikledgers.com
ladikosuites.com
www.latenightlaboratory.com
www.luhmirin.lv
mesbro-ingredients.mesbro.in
www.mesonera.com
configurator.mod-shed.com
www.moonio.app
www.mosmai.me
www.myclubuv.com
demo.nilear.com
www.nimrooz.de
opicup.com
ordinarycell.com
www.pensioenbijcovertus.nl
phoenixkerala.in
businesscard.plastecity.com
coreplus.portfoliolink.co.za
pottytraining.me
portal.pswfzteile.de
radiock.com
artist.staging.ryddm.com
www.shopfm.com
pdv-doc.shopfood.io
dashboards.next.siden.io
coronavirus.smartrancagua.com
sminternationalvnr.in
tienda.srconstruccion.com
sunnahmedia.com
events.swuvsa.org
teen-advocacy.org
themachinelearninglab.com
notificationsmanager.thinkdigital.co.za
esg.tilix.ai
toslide.com
firebase.tribaldata.com
underdogzdao.com
form.test.utoc.ca
vortex-co.com
appstorereview.app2.wakuas.com
www.waseemsiddiqi.com
dev.weareognio.com
wiktorknapik.com
rwsoftware.workflowmanagerpro.com
admin.sblcwow.wowdesk.jp
www.yamir.dev
app.yamm-staging.com
yumyumtrax.io
Other domains in certificate