Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.awesomedevs.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 04, 2026
41 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
22:BB:3C:DB:F9:8C:54:BC:1D:13:CB:48:2B:C7:82:2D:E4:30:D3:CF:6E:AD:96:B4:5C:D9:48:77:18:33:23:8B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
nalg.io
laz-spins-cert.3dcloud.io
academicbench.com
www.accessdonkey.com
au.foresight.adgile.media
adhonay.dev
service.alko-garden.no
stake.allbridge.io
admin.allriteproducts.com
app-test.9010.com
www.ascentrek.net
app.awesomedevs.io
bese.it
biteus.pl
bristudioproductions.com
admin.ccchymns.com
www.centralniinformacnisluzba.cz
www.cimarron-tech.com
www.cloudpatterns.co
admin.lea.co.bw
smartcity.cochabamba.bo
app-dev.codedmile.com
pit-anywhere.corsecontrol.com
supportdings.daniel-glombeck.de
www.delhifarms.com
stolat.devkids.app
www.dvcstudiox.com
auth.earpulse.co
easy-spesa.it
ejobsconnection.com
backend.ellieerp.com
elmoclassroom.cloud
everhealth.net
demo.ezajil.io
farhanshakir.com
app.fiffit.com
admin-qa.flave.app
app.folio.finance
forest.io
www.foundry.bz
francktomatis.com
freehand.ink
gen-score.com
plataforma.congresoson.gob.mx
gonzaloyberny.cl
goodygs.com
www.heshmati.com
www.hillcountrytennisandtracks.com
hnbtechrecycling.com
hya.io
inaptic.com
www.indoorcycling.app
infernomon.com
www.intuitiva.io
www.isteuerkindschonda.de
itisok.io
janmichek.cz
jered.io
johnnastos.com
juulsgaard.io
kalinowewzgorza.pl
www.kkoehler.com
kristinadarroch.com
api-debug.landskies.com
list-ezapp.com
admin.masbalon.com
gm-screen.matthewbickell.co.uk
mdshahriar.dev
evaluate.technology-team.mobilitymojo.com
www.mondadorivarazze.it
www.mortgage-simulator.com
netmine.au
lnk.nolan.wiki
stg-links.notahotel.dev
www.owlsector.com
webf.parakolay.com
woodland.portfoliolink.co.za
prideicons.io
psichedelico.com
www.rando-app.com
www.rapidsignupfl.com
mda.rodichub.com
bid-calculator.rodren.ca
safariworld.eco
www.sharmahospitaljandiala.com
promo.shofha.com
simplevisionboard.com
web.speedsolution24h.com
spiceceylan.com
partner.supergenerous.com
www.terranovas-alaskanmalamute.com
thewebrating.com
ucpim.dk
auth.useclicktrack.com
savethedate.vamsiambati.com
www.walkofwater.info
williamsrobertstheosparker.com
xpixelhub.com
xprofilegold.com
app.yamnam.com
Other domains in certificate