77/100
SECURITY SCORE
Certificate Information
- Subject: CN=tender-app.itmedia.io
- Issuer: C=US, O=Google Trust Services, CN=WR3
- Valid From: October 05, 2025
- Valid Until: January 03, 2026 (38 days)
- Public Key: RSA, 2048 bit (Adequate)
- Signature Algorithm: SHA256-RSA
- SHA-256 Fingerprint: AF:88:97:70:1D:9B:BB:3E:73:D6:48:7E:01:00:D0:79:7C:A6:8D:CA:B9:40:1D:10:C5:8D:08:1B:03:7A:64:56
Alternative Names
Security Configuration
- TLS Protocols: TLS 1.2, TLS 1.3
- Forward Secrecy: Supported (Modern clients use PFS)
HTTP Security Headers
- Strict-Transport-Security: Present (max-age=31556926)
- Content-Security-Policy: Missing (Not configured)
- X-Frame-Options: Missing (Not configured)
- X-Content-Type-Options: Missing (Not configured)
- Referrer-Policy: Missing (Not configured)
- Permissions-Policy: Missing (Not configured)
Recommendations
- Increase HSTS max-age to at least 1 year and add includeSubDomains
- Add Content-Security-Policy header to prevent XSS attacks
- Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- Add X-Content-Type-Options: nosniff
- Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
- CAA Records: Not Configured (Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains