Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.thecodetale.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 31, 2025
Valid Until
March 31, 2026
83 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B7:3C:F1:81:81:21:8B:BC:54:B7:54:FD:EA:30:7E:E2:D7:87:C9:65:5E:3A:3F:42:F6:05:47:20:15:96:0C:6C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.bgaworks.com
www.53bells.com
www.5game.online
acadwefam.com
aireader.co
vertretungsapotheker.apolido.de
aquianuncios.com.br
arecofix.com.ar
aso.dog
www.attilav.com
kinderbase.aurora-schools.org
partner-staging.azelis.com
softwares.bbefrance.com
bctsoft.net
auth.billiv.fr
hub.blaarkies.com
brewday-helper.com
saas.bumps.world
camden.contact
setup-feature-prod-eu.captego.com
webapp.carpetadeventas.com
charmanager.app
www.chatfluenceapp.com
chrystal.dev
krishnagiri.citydroptaxi.com
vellore.citydroptaxi.com
epodapp.clearpathtms.com
chengalpattu.yazhdroptaxi.co.in
www.shrp.co.in
boards.coinback-crypto.com
dentfokus.com.tr
reliableproperties.com.ua
commitwater.com
www.credexis.com
www.vvl.ddmpraha.app
www.devsecurex.com
dieselgrid.co
drtabassum.com
dysenko.com
editor.stellar.edu.np
cmes.edu.sv
wr.diit.edu.ua
www.eifi-tech.eu
est8lab.com
words.fredrikpalm.com
salux.gcunit.com
pgi.join.globalmeet.net
gofoods.pk
team-staging.goodhuman.me
www.greeneromaha.com
www.hannessonadmin.com
heritagerecreationclubtrichy.com
horselakefarmholidaycottages.com
admin-staging.hriatnaeng.com
huskysoft.com
intertransportservice.com
iroundtheworld.com
koshiro.iyom.app
www.jannchoy.com
joose.ch
app.kryos.pro
www.ondernemers.lokalebon.nl
manualproapp.com
megaredtechnology.com
dev.minigame.pro
nils.monday.rocks
vinyl.monkehworks.com
staging.admin.nahaus.de
magic.napkyn.com
nawykresie.pl
outnovatelabs.com
p2digital.com
paistie.com
pb256.co
www.peach-app.io
app-dev.platingo.co
app-stage.platingo.co
plenipet.com
proapphk.com
convertini.produvar.com
www.pugetsoundstriping.com
qrcadia.com
quandatix.com
quantsteps.com
dev-links.resident.love
www.seoulgoodcare.com
skotch.app
softwareinrhythm.nl
soluxassistencia.com.br
offers.sterve.shop
svenmoon.com
www.thecodetale.com
thedraw.co.nz
timezones.app
am.tixbc.com
www.app.unitworkers.com
teamup.visionity.nl
links.walletbyboss.com
wikichef.co
liveff.xamaral.com
Other domains in certificate