Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.codeassist.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 21, 2025
Valid Until
February 19, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4D:B2:7B:37:F7:8D:97:EA:D8:EA:0E:73:5A:C6:67:60:EF:F0:9C:72:48:DF:11:5F:F8:83:1C:E9:32:54:AD:D7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.hagaloencasa.co
advancenameplate.com
app.automotrizpetersen.cl
alpha.aviation.tools
avnir-event.com
bladeandhammer.com
www.burke-solutions.com
events.catchupcalendar.com
fooditis.cateringportal.io
www.chepex.app
cleancoastcomputers.net
myfamilytrip.ynet.co.il
www.bellissimosalon.co.in
www.cloakspace.co.in
www.codeassist.app
cresc.io
mdselect-dev.develop.health
www.devopscatalysts.com
douangtavanh.com
downloadredi.com
landing.eatrepeat.in
iqacdoc.uem.edu.in
med.eduq.app
elementalsymmetry.com
eliottabadie.com
www.elizabethschindler.com
www.elusivecar.com
www.em-lab.fr
event-attribution-staging.gassets.emarsys.com
epicpandagames.com
tickets.ethbarcelona.com
birdie.exzizt.com
link.farmly.id
www.findflix.com
flyk.me
forwards.cloud
getzly.com
www.gitorg.org
greengagefinance.com
halftheopposite.dev
happyzuri.ch
helianthus.io
daily.hkoil.org
huamanifernandez.com
www.idesporte.com
ilivou.com
imaginarygallery.art
ishinomaki-marine-village.com
www.itmov.com.br
apps.joinsherpa.io
jw-gas.com
kerenzhou.com
wkst.kioscodeseguros.com
ksanjaya.com
www.lacksautomotive.com
laddercommerce.com
lanubo.net
app.laolivaverde.com
classify.lefty.io
lexflowapp.com
linelesscircle.com
vag-site.livearf.com
loot.com.br
lucaschew.dev
app.mahalawifi.co.za
www.manwey.com
bpss.matrex.in
mattwood.dev
www.mediformtechnology.com
meltemisuites.gr
www.mobdev.com.br
www.moonagilegrowth.com
movement-mixing.com
auth.mysitch.app
message.northsidenissan.ca
transcribe.oneai.com
muji-uat.order.place
www.osamailyas.co.uk
fishbowl.pastiche.org
pedidodomicilio.es
ordernow.phocafelafayette.com
planificahoy.com
auth.qupas.id
dairymgmt.rcloud.dev
dev.manager.rendezwine.com
rosvic.com.mx
mta-sts.sandiegomentors.com
analytics.spaceknow.com
app.stash-app.com
bodahernandezaristondo.swan.lat
www.tanstaafl.dev
etfvsa.tcontur.com
developer.techcora.in
instantus.techsee.me
thefaxfree.com
tryprogression.app
vimal.im
hotspot-payment.wan4u.co.za
app.yourdoctors.online
zstarproducts.com
Other domains in certificate