Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=spreadlyapp.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
May 10, 2026
Valid Until
August 09, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FC:03:8B:EE:81:0D:19:F2:32:84:33:39:3B:B3:6E:BD:7C:9F:DF:CA:6A:75:B8:61:F6:45:EE:99:2E:86:85:1B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
deeproot.fit
adnqr.com
aibrick.app
www.allbrightinformation.com
site4.allyable.tech
ops.alsubaeeholidays.org
es.angula.app
astrohimalaya.com
www.autoclarity.co.uk
bahadirgurbuz.com
www.barrydijkema.nl
tokyo-mizuhiki-panoramashop.bestat-data.com
binaryum.com
www.bitsnpixel.com
link.bladewallet.io
www.blossom-natural-health.com
creators.calaxy.com
www.carblau.com
chavrusaai.com
tire.chualab.com
coredrillegypt.com
crescentbulkbrokers.com
app.digame.top
digieazz.com
dj-matty-gee.com
dramos.dev
earthdecks.org
ehrlichproductores.com
auth.eldirecto.com.ar
auth.enhancor.ai
chat.escuelard.com
yellow-cab-chi-traveller-demo1.us1.fleet-dev.com
flownext.hu
app.flux.chat
fredzchicks.com
bodegas.grupoelcr.com
www.happy-dental.eu
develop.harpermedia.digital
invite.housinghelperiv.com
pm.icarusdesign.in
imoshin.com
app.imoverthinking.com
score.inncoded.com
innext.com
inxmarket.in
www.jarsick.com
www.jossgitlin.com
www.kawakasthya.com
www.kraftenergy.com.au
nicolas.lehuen.com
test.lockit.rentals
hautsdeseine.luciole-app.com
ludo.world
lunalet.com
manuelpeakads.com
www.maryacameron.com
friendshub.megapos.store
michaelng.ca
admin.miidas.com.br
www.mobicrafter.com
www.mskaist.org
nabuten.de
fieldappfb.nicholsoncontracting.build
staging.onetable.org
opticprompt.com
home.optplacer.com
www.orthotech.app
www.oryx.xyz
padelchamp.app
bdo.parkalot.io
paulchap.com
www.pengjinet.top
beta.prepworx.io
recruiit.co.uk
www.relomining.com
synco-jfl-beta.roadcast.co.in
www.scephiro.me
seemsprofessional.com
www.semscasting.com
serfutbol.com.ar
setsuna.co.uk
shopfront.page
www.showlett.id.au
cartadigital.sistemasbelkys.com
spellscoders.com
spreadlyapp.com
stellumlabs.com
www.stellumlabs.com
www.stshenoudachurchfl.org
sureresto.cc
www.teambuildinggamesworldwide.com
backend-old.toni.ai
townum.com
www.tringpride.org
tuma.lol
www.vaclavpeca.com
painel2.votei.app
wsolucaoweb.com.br
taste.xegyn.com
www.xninjajs.org
Other domains in certificate