Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=www.truellista.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 27, 2025
Valid Until
January 25, 2026
68 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
42:B6:0F:B1:F5:EA:D6:FA:6A:12:85:A0:05:9A:78:D6:0F:E9:D0:E8:CD:48:4E:FF:8D:BD:EB:77:34:A0:0E:67
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-sScmMyCo5f8nqptTzZOjmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
referral.sheru.se
ar.a360.tech
app.aatlas.com
beta-japan-labelers.aimmo.ai
akshaydeshpande.us
alexharrison.dev
brent.bhbrain.com
www.cardonaindustries.com
app.clickacasa.com
roxen.shoesonline.co.il
www.iass.com.tr
links.mymoji.com.tw
dev-sso.conectacontrol.com
rajapandi.coredesigner.online
staging.ctcs.app
www.dmbard.com
q1-myproductbook.dpdlocal.co.uk
e99x.com
whoa.easysignage.app
auth.elmsdev.com
export.execute.software
exocet-research.com
noodplan.facet-accountants.nl
www.fizixunknown.com
www.fuorstudio.com
ggx01006-007.gadabout.games
www.goagileit.com
goldenlion.band
greencalc.org
hegemier.net
hopdate.co
exp-qa.ideacloud.com
industrie-haus-service.de
ivthe.art
www.jeremycrowe.ca
virudhunagar.jiotaxi.in
jisspa.com
www.joediv.com
www.kitchencalculations.com
lachoutlaws.com
www.lazyworkroom.com
lexgraph.de
pool.long.wtf
lucaselulu.com.br
mai.chat
makeupbcn.com
matiasrivero.com.ar
mattaniah.online
mchtkk.dev
qa-en.memberhub.de
michal-shlomo.com
mishaconsulting.com
links.mygithrive.com
get.myndlift.com
www.nani.technology
nibo-logistics.co.za
njbestmoving.com
nomadshifts.net
nvitmarketing.com
ondrea.io
www.onlypawns.com
onrecord.online
onyxfitgym.com
www.opareta.com
auth-firebase.videoteca.spr.org.br
ctccollege.org.za
www.picturepairs.com
www.pintoverflow.com
www.potenschecken.se
proxiservices.be
quattro.today
notes.ragavkumarv.com
www.rapinnohealthcare.com
rethinkacademyasia.com
rishabnayak.com
riverpointrvpark.com
robertmaloney.dev
sahkarishilpiiti.in
sales.sanee.app
volker.schiewe.dev
mobile.sfsfund.com
sifforum.com
sighash.net
dev-log.projets.mathieu.smarzyk.com
orange-app.speakylink.com
speedstar.live
www.blog.spellblaze.com
srirastusubhamastuevents.in
www.sterkekerken.nl
submissionleague.co.uk
www.sumansolarenergies.info
develop.teamtribe.de
link.testingdeeplink.com
thedonum.com
thesmartwhale.com
www.topfloridabrokers.com
www.truellista.com
warpzonefx.com
wonderpost.nl
chat.xortd.com
Other domains in certificate