Open
Cached
·
3h ago
78/100
SECURITY SCORE
Certificate Information
Subject
CN=ownhome.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 26, 2025
Valid Until
January 24, 2026
73 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E2:78:5A:F3:BF:51:E6:47:BB:64:2A:62:E6:9D:EE:CE:F1:A9:3C:55:6D:91:66:E9:01:32:4C:B7:FA:77:B0:B7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
firebase.blozoo.com
wk.1touchrevolution.com
2014.davidecantelli.it
www.365wonders.com
www.food.4xpress.com
showroom.actiw.com
adiktiv-technologies.com
alfa-clean.info
www.alfa-clean.info
artsbyjp.com
internal.autecla.com.br
dev-api.bepos.io
www.buffup.tv
kinderopvang.cao.app
www.catalyca.com
www.catclub.com.br
matkonkaitz.ynet.co.il
www.colista.app
www.constructoramejia.com
cubenine.com
culture.systems
app.deliversense.com
dgfolio.com
ncleaner.easy4u.co
edubitly.com
www.emmapinto.com
www.ethronsoft.com
www.www.evxpertz.in
farudigital.com
iot.fenzopower.com
auth.fermat.app
www.fitclip.jp
foam-techs.com
foruapps.in
gijora.com
gracetech.online
greagori.com
www.heeeeeeeey.com
hochzeitssitzplaner.de
igreen.place
dev.inclub.world
www.dev.inclub.world
jest.infr.app
tronsticker.itchitech.com
jlc-hub.com
www.kifaministries.org
kryptonissen.no
landstartransport.com.au
www.lang.blue
latabledu9bis.fr
vtg-prod.da.letsdive.io
dev.librexapp.com
www.limatrix.pro
lini.page
lordanco.uk
www.michaelpapes.com
apartments.milenkovic.xyz
tarjetas.mirinconcreativo.com.mx
winayaenglishreading.my.id
nhseriesenterprise.com
nodetrax.com
admin.novacapital.tech
www.nuvik.io
omyfu.ch
emotions.otfm.org
ownhome.app
droply.parceltracer.app
payeitforward.com
philippgerber.li
m.playfreegamer.com
ducome.portfoliolink.co.za
preprod-assets-www1.primerewardspot.com
princemakavana.com
pubcoasters.com
remy-ranger.raveon.fr
www.renpoint.com
shopifygls.robotshatemonkeys.com
saaanvik.com
www.searchpolygon.com
hr.sheqintel.com
app.skwirrel.io
sochung.center
www.stijnwolters.nl
storepin-dev.de
bodytrace.demo.storyhealth.ai
maviri.supervisor.center
supun.xyz
boringo.surajthotakura.com
www.swipenot.com
partner-dev.talent-alpha.com
www.thesocialsoup.com
tminus5.dev
www.twistlounge.al
visitdunfermline.app
vmathieu.fr
vtradeapp.com
dev.dashboard.w3lcome.com
washprodigital.com
www.yourweb.app
zipzoneunicon.com
Other domains in certificate