Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=apps.octolan-tech.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 16, 2025
Valid Until
February 14, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B9:43:D2:E5:22:AA:5C:EA:AA:AD:4B:68:67:A4:F4:27:7F:C6:51:C1:E2:93:94:E9:47:F5:C8:D8:16:5C:17:66
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Basic
connect-src; script-src; font-src
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
pay.zip.gr4vy.app
pay.sandbox.wpay2.gr4vy.app
ab.2iins.com
aaryaai.com
gis.abinbevefes.app
www.absenso.be
acmatuab.com
aerofoyl.com
www.asseths.com
go.beyoung.com.br
trackify.bluewings.in
boa-soft.com
print.bordexdirect.nl
track.c8mpass.com
chconnect.app
roadrunner.cinedeck.app
cistaessencial.com
ckr.nz
s.clicksound.io
www.shatzki.co.il
cruiseoncars.com
czarneckidesigns.com
datalab.mn
dawg-housing.com
www.debicred.com
staging.backoffice.delta-futures.com
dryg.net
www.eatoffice.pro
life-dash.edenjr.dev
www.edicto529.com
palhares.edsys.com.br
www.egeszsegbenesrepulesben.hu
eliseo-espresso.com
emjsecurity.com
enemiesofthepeoplemovie.com
fembelling.au
formsheets.app
bestellen.gavspizzeria.de
gregcuesta.com
inovexa.software
www.j48baforms.io
meet.k12ccte.tw
iot.krate.app
kruakrungthep.com
blog.ktruck.club
ktruck.club
ladispensadellostepompei.it
lampvolt.com
leadcon.pro
app.learninglanewc.com
app.lifebrand.life
ooo.staging.cleanbrand.lifebrand.life
test-partner.lifebrand.life
localbatoru.com
overagepic.ltl-xpo.com
dodotecakes.lupi.delivery
mabuzaconsultancy.com
manufacturingconsent.app
www.maryvarrodaja.hu
masterfaq.com
mobilecodesolutions.com
www.moongoldmusic.com
go.nextiq.com
sfcc-doc.ni18.in
apps.octolan-tech.com
beta.pedidorapido.app
wcg-pv.ppmutilities.co.za
www.prayapay.com
financeiro.projetos.app
pvp.ca
apks-admin.rcloud.dev
resumemarkdown.app
www.rimo-trogen.com
ruralpays.in
sicherlichsicher.de
www.sma-assainissement.fr
www.course.softflowai.com
about.sonderbase.com
www.spaceplumber69.com
sportclubotesfel.hu
srishti-designs.com
cincinnatipredict.stle.app
www.studiolexfoti.it
sweatsquad.app
fb.t-connector.com
tackleboot.com
backoffice-dev.talent-alpha.com
www.taliowisko.pl
www.tariv.app
teoler.no
theodorekanellopoulos.dev
www.thirdactwoman.in
admin.upmerch.com
multiservice.uwonham.com
vanblaricom.dev
www.vinoradio.app
vlra.app
staging.volleymusic.com
xyntic.tech
youthfulspirits.jp
Other domains in certificate