Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=complex.life
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 05, 2025
Valid Until
January 03, 2026
42 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CC:51:3A:37:5E:EF:C6:8E:E3:D7:A9:D7:E3:0C:62:7D:8E:23:EF:77:80:5D:7B:44:95:F9:13:8E:63:90:D0:BC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
shelfalchemy.com
555labs.com
app.autopay.africa
b0ris.de
ost-backpack.backpackfordrive.dev
app.baudok.com
beerfund.com.au
bondebridge.no
boomreturns.cc
www.calidity.app
app.casaculturaoaxaca.com
casetools.app
bigox.chrislauer.net
kovaicalltaxi.co.in
complex.life
consel.io
cybernetex.ai
dexker.com
dinodigiulio.com
docs.discue.io
dmonesi.it
certificaciones.areandina.edu.co
intranet.grupojuanpablo.edu.pe
ent-heldebaume.fr
auth.exampathfinder.com
www.followthehuntofthecarofthemanbehindthewheel.org
fzz.me
gexpro.pe
auth.ghimprove.com
api.gnd-canvas.online
adecco.goodwheel.work
www.dictionary.fm.grzeg.pl
gundo.app
heronislandoysters.com
i2i.co.jp
www.ifororo.com
franchisor.ikriyo.com
app.immobilers.com.br
inkindfoundation.org
www.instabear.app
dataroom.kanto.co
www.lifano.app
continente-rexterna-mobile.limmia.com
luna.loopbin.dev
meetinspector.ai
themes.mesbro.in
metaideas.studio
www.mikalyoung.com
nanoandvim.com
convert.neoufitness.com
hugo.nesta.io
nidsons.com
dev.novelintegrations.com.au
register.nylos.me
api-testlab.opalastudios.com
app.orchestra4edu.com
joblog.p1st.app
ca.pacifica.fr
www.palladium-salsa.de
pharmacist.dev
test.plotu.io
procal.es
yogurtfactorybeaugrenelle.order.pulp.eu
bardsyarn.purplemovies.com
merge.portal.qvin.com
rangamaitte.com
www.retail-ai.jp
player.rhinosyntax.net
public.roboflow.com
clients.s6.io
saascalc.app
www.sandeshgurung.com
www.santamonicahn.com
sarathienterprise.com
sazposh.com
monitoring-dev2.vks.secom.jp
cbvv.slim-iot.com
auth.uat.sportinghood.com
starcitizen.gift
stmichaelprivatepool.com
tmr-24.com
tokens.traeguate.gt
travelarranger365.com
www.tsutshiau.com
nazoclub.tumbleweedjp.info
hangar.turnosweb.app
everyspace.stg.unthread.io
app.ut.no
variable.app
vendettarossa.com
editor.vexposhows.com
vukoosoftware.com
jz1.vxt.net
www.vywap.com
stalk.wanke.jetzt
www.wisoftify.fr
wister.app
operationalv5.wiyak.delivery
players.yakoffice.app
www.yessaillian.com
Other domains in certificate