Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app-referrals.genuineimpact.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 30, 2025
Valid Until
December 29, 2025
35 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E7:65:AC:4B:6C:73:AD:80:FA:09:C6:69:D3:94:3D:14:EE:E2:66:A7:14:A4:CA:27:96:45:9C:5A:FD:D9:A2:03
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
3dto2danimations.com
d.0br1.io
www.4hani.in
accoctopus.com
studio.aegro.design
aimbrella.com
almudenavallereal.com
www.andreats.com
argonaut.energy
asyncteachers.es
auth.aware.avasecurity.com
awmtraining.com
backlight.dev
gbfs.basis-test.bike
battle.online
admin.bites.fi
docs.bizuite.com
boccachica.fr
dev1.bookt.co
time.braintree-it.de
www.brightmindsol.com
beta.canyons.app
clico.link
closethedoor.com
latifaktas.com.tr
www.contributor.pw
avalon.deskbooking.app
stafko-asesoria.devbeebit.com
devonmcgrath.ca
diengcool.id
m.disciplelife.app
www.effai.me
fairybread.au
farmingdata.io
fatboypizza.eu
onboarding.felixpago.com
route-optimization.finncub.com
dhawal-mitali.foreverkindalove.com
freeupsctyari.com
maxol.fuelservice.org
fxcatalyst.in
app-referrals.genuineimpact.io
www.getbrevo.com
www.golf-cart.it
myriad-n-va.groupeducroquet.fr
cse.gs-strm-sds.com
gyaanai.co
harimau.run
wotr.jackofallcode.net
app.staging.justrussel.fr
khayr.app
app.lazulibre.ch
bluniversity.lernit.com.mx
lesliepan.com
www.logi-vietfrance.com
admin.lotuswages.com
www.lumisolenergiasolar.com.br
massironakumo.com
mento.life
rips.misaludcol.com
www.mitrabharat.com
team.mohawkhealthcare.com
moreee.co.uk
www.mudrgarlikova.cz
www.my-lyrics.app
www.mydigisigner.com
www.myhearingcare.com
get.nala.ai
www.ndisinsurance.com.au
pic-hommerson.mentor-stage.neccton.com
nrsk.co.jp
www.oldhamstrong.com
cityofraleigh.opendata.report
kube.opennetworks.com
www.ordertray.com
demo.pacta-cloud.app
www.peytonwinn.dev
phymol.net
www.porous.ai
logistics.apex.rcloudsoft.app
tickets.roobixapp.com
sacredcasuals.com
seita-consulting.com
soleministries.org
stompinggrounds.games
www.sunrisekindergarden.ro
l.synack.live
teachingwithpower.com
www.ticketgenius.ai
www.trenty.net
sanibel-captiva-beach-resort.trueomni.com
tunaleondelosaldama.com
partnerzy.tutore.eu
ultimatetimer.net
www.vergihesaplayici.com
vezerlespanel.hu
www.vitalsleuth.com
api-qa.yasmina.com
old.photogenerator.yousuite.app
zenith-med.club
Other domains in certificate