Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=discifin.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 11, 2025
Valid Until
March 11, 2026
46 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F9:A5:5A:72:86:56:1F:E6:F0:86:65:FE:58:DA:37:69:45:DE:DD:0D:A0:CC:DB:41:8E:2F:A9:D8:AF:AD:12:EA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
agate.lv
pudukkottai.1droptaxi.com
feasibility.catalytic.28east.co.za
accyra.de
afrocare.in
www.agent-intel.com
admin.ainewsoutlet.com
aleati.com.co
yamanote.anyware.software
www.artesfera.it
bfortemusic.com
bioclock-in.com
bk23.nl
burakturkis.com
app.checklist.dev.cargacerta.com.br
fountain.cfwt.ca
cheatdocs.com
civicduty.app
kibabiotech.co.in
www.lionrocket.co.kr
cocoedmonton.com
cogknosys.com
www.writeright.com.tw
v1-console-admin.connectsx.com
dakotamorrow.com
carreraunimodelo.dashport.run
demersdesigns.com
money-develop.desdea.com
discifin.com
djrockyevents.com
doineedsunscreenrightnow.com
www.donatoengenharia.com
elitecrownbroker.pro
www.engagementwish.com
internal.estro.ai
ethertulips.com
lingofy.factictionary.in
qatar.finkraft.ai
fixedassets.jo
gausewasadansukchain.com
app.getdisorganized.com
getmodas.ca
gigpay.click
gigshare.app
glimbaro.com
en.frame.hallobon.nl
holidaymemories.in
homeinsight.in
www.hornpeak.it
www.inboxpl.us
www.dashboard.kanban.inrvatemedia.com
sb-rl.interaktiv.sg
www.irankish.de
alfinzha-anisa.itsyourdayofficial.com
www.jeremyrabaino.com
justtaly.com
www.justtaly.com
kelepar.com
kirsteins.net
app.lapnote.net
llamalearner.com
dev.lovetoplay.golf
www.manachlux.com
maskmedia.se
amritadmit-mba.metis.club
app.misionlea.com
modudatowel.com
mussicharbeiten.de
ru.informacion.my.id
pos.alpha.nayasavera.app
oclabs.it
www.okinvent.net
www.pwrpln.hu
matchplay.rdkr.com
www.saltechgroupltd.com
beartrap.sheebo.org
shotott.online
shouldiwait.net
simpgames.com
bys.sipora.io
sojomarketing.in
www.sojomarketing.in
sorteoszevallos.pe
pulse.stickycards.co
swissaquakat.com
www.sydekick.io
www.tada.com.au
tagmi.app
talakaveri.in
velo-nft.tiin.io
tradeo-tech.com
links.trustlines.app
lp4.unitywallet.com
vatsalyaschool.in
werknemer.verloskundigendronten.nl
auth.vinwise.com
www.waecikejactcsltd.com
safeapp.walshasesores.com.ar
wewelcomeall.net
www.ukrop.a.zajicova.com
Other domains in certificate