Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=indieapplications.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 05, 2025
Valid Until
January 04, 2026
46 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F0:56:CE:EC:AE:A5:A0:46:58:4C:C9:98:FF:7B:30:69:DB:CC:26:F4:73:B0:FD:3F:07:1E:87:B5:06:D6:3D:16
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
sledee.com
aider.ly
koren.aimcomely.com
www.akashef.com
alwscms.alightwaysolutions.com
transporteschec.almeraim.com
invoice.anctech.com.au
anofox.com
atelier-lesacher.fr
boostmente.com
cf.studio
todo.charisandethan.com
df.te.claridash.com
journal.coddy.app
wiki-staging.collla.com
www.commentextractor.com
csgo-buddy.com
www.davesroyorbison.com
davidjefferys.com
www.dbln.me
degenfatcats.com
www.dprjuniversal.com
www.dramatic.app
www.emoji.kitchen
screenly.ergoon.com
evgenyrodionov.com
app.farmaciasgaleno.cl
finportal.app
tasks.firesite.io
follow-up.no
www.gamerlink.app
www.gameway.app
gedo.zip
fbcf.hexashuttle.com
hivejournal.com
hslpalettebuilder.com
ilan.dev
bestellen.ilcastello-bedburg.de
indieapplications.com
dtoolhealthcare.inovatech.app
ratemymodules.jonathanfoot.com
jyotheeswarchowdary.com
oppack.kartonaza4m.com
keystonecrusades.com
kochamciekotek.xyz
kumarpankaj.site
lantaulink.com
www.learnwithbranch.com
admin.lendcoserver.com
www.locoroster.com
live-quiz-mobile.logicwind.co
meurope.org
www.mittelmeerblau.com
app.mooveandgroove.com.au
mosamerchantapp.com
partners.myvacay.app
link-la.nibo.com.br
treats-uat.order.place
papaya-data.com
prashantsinha.in
printbox.ae
concurso.projetou.com.br
raacde.com
raenj.com
restoer.app
revelatorad.com
ripariansoft.com
dev.rooferintel.com
www.rowx.app
russellconjugations.com
saniyeborafici.com
savact.app
school-house-apartments.com
senning.dev
shaileshpendam.com
shomil.com
cms.shotclub.it
devhome.simplevisionboard.com
skrub.dev
smashsnack.com.br
demo.awethor.softace.dk
spadesqueen.ru
app.spendora.co
startech-digital.com
www.tasklender.app
tatapmis.com
thingsijustmadeup.com
auth.throne.live
timmermann.com.br
touchpad-blocker.com
tranzita.com
www.trendzonebarbershop.com
www.tristolliday.com
analysis.truefair.news
grpc-web.uid4oe.dev
vedexit.com
villalaquercia-countryhouse.it
www.visio-apps.com
wesit.co
www.winitoe.be
Other domains in certificate