Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=nearu.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 04, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
49:37:4E:B2:F2:6C:32:CB:D1:A3:CF:BC:8F:57:65:E7:EC:F3:6A:BF:CB:39:D2:F2:01:A7:5E:D1:41:4E:39:51
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
unite.qsciences.com
suitebrains.4bs.com.co
affirmation.studio
eye.aisuperior.com
amiinaporn.com
angelapastorinteriorismo.com
yoda.aonikenk.dev
www.awaq.fr
beta.backstaige.com
www.baglayan.dev
www.bajoneando.com
my.dev.bioracermotion.com
bips.tech
bridge-it.cz
bright-system.dev
centra.pe
app.cloudscaff.com
1km.co.il
itsupport.stulzindia.co.in
reduct.codin.ch
www.coloriseverything.com
www.bescon.com.sg
www.comoaposentar.com.br
www.contentmate.ai
www.cos4env.eu
www.cpfoodservice.com.au
demo1.craynext.in
dinamikprimapersada.com
www.discast.com
dmhvac.link
www.dominikhofer.com
drinks-up.com
drumshopcr.com
easyvote.info
elohwa.fr
now.emproltda.com
fing.app
www.geniusmotors.com.br
www.getboxd.io
getsafeapp.com
vc.grupa.io
hbxc.io
insightmart.in
app.intertennis.com
www.kbwedding.be
kevinclee.org
mapform.knox.ru
of1.ksug.ai
sms.linkx.global
www.maiko.company
mapocaco.com
marcelcominotto.be
www.marinawb.com.br
www.matrixy.co
measuredtrader.com
minarental.com
miniyme.de
www.miskybakery.com
crypto.mokalabs.co
app.music-hub.com
mymoodbit.com
nearu.app
ngtoronto.dev
sv.onscene.team
live.ontracksolutions.in
oodlesbooks.com
www.parkupp.co.za
peoriasfinestllc.com
pettanko.sexy
2023-jesien.bimakademia.procad.pl
www.publicservantsprayer.com
sugaberrio.pujasweb.co
raaonlinecertify.com
app.rebahan.id
a.cdn02-bnamas.h.redlink.com.ar
run4hope.de
www.rvafamilydentalcenter.net
trayectoriaest.satelite.ai
sayhello.cash
scripturegames.com
scrum-poker.app
race-fire.simrace-control.ch
icnh.simuladodetran.com.br
smithwithatypo.com
app.sophrosync.ca
dev-app.spendimy.com
dev.spendimy.com
stellarmobi.com
blog.sylphbox.com
report-sl.test4.life
www.thenaturetech.com
www.timetobook.be
www.tucao.ca
pdt.usp.center
virtualdepartments.com
www.vladescudds.com
xnr.p.w3.app
www.williamstawicki.com
links.wishlistr.app
app.yio.one
Other domains in certificate