Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=digitalcoder.in
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 17, 2025
Valid Until
February 15, 2026
72 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D6:83:E2:D7:94:96:B5:8F:90:EB:B8:D6:4C:85:67:7C:94:FD:00:53:DB:7E:D0:CD:B7:E4:40:7C:AE:88:18:1A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-WKIExqMfzizVSVy9n4wyHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
links.soho.com.au
3tglobal.co
play.42puzzles.com
5startrivia.com
www.afrocoders.com
aguaturquesa.com
www.aichefapp.com
aiexpert.art
allcontroladvisor.com
app.altavine.com
auth.dev.althq.co
apexsportsandcrafts.com
mobtest.appframe.at
arqstar.com
betterbloodcare.com
larrea.biobarica-medicina.com
cullai.bookmyshoot.net
brainbevy.com
admin.bythebookthebible.com
cabalasystems.com
calypsosekore.space
mta-sts.cat222.jp
centertable.club
www.cerealslab.com
stage.cincylocalandlive.com
cittah.com
cloudmallstyle.com
cloverbyte.com
collibe.com
www.childrenscareclinic.com.ph
www.cabaret.com.tr
www.cutleafstudios.com
datahive.kr
www.deliverysales.net
denes.io
marcocosta.dev.br
www.devemg.com
digitalcoder.in
m.divana.app
dlouhy.io
www.douglaspaintinginc.com
e-dax.com
edh-league.com
educanet.si
eggstradelight.com
ephemeris.me
evaldez.click
auth.fidelando.app
filipolender.pl
www.gatellm.com
get-gs.com
basic.getblood.com
www.ontime.gostartdriving.com
grahamrex.com
www.greydoha.qa
www.hanzigraph.com
www.hausacorp.pl
movies.holymist.com
www.hragayvazian.com
hrmnt.com
www.huh.so
indicouyeesganhou.com.br
john-flynn.co
console.adm.prod.linkrwave.io
lucasgabriel.com.br
menendezlaw.ca
miovino.io
moab.dev
histamin.moinahoi.com
link.moxytv.app
www.nazpharmacies.com
www.ourse.app
omnitrackr.owlair.org
www.oxipoker.com
parksidelegal.com.au
sso.stage.platoon.fm
poiqa.com
app.v2.polyflow.co
staging.app.proinvoice.co
www.quiziko.app
rizkysaputro.com
rogercarter.co.uk
rootdigital.com.br
www.rubysinclair.ca
rxclub.us
links.sarkariprivatejobs.com
sodientu.com
www.sooho.info
sumabitcoin.com
www.szefinspiruje.pl
tamilunitedchurch.ca
www.thebeatrixgirls.com
thehomie.app
domus-entrenamiento-y-salud.timp.io
tmgconstruction.co
toppy.market
www.twopia.com
vocationaltest.com.br
wachbuero.app
www.zeusgroups.com
Other domains in certificate