Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=link.cashrichapp.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 08, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
95:2B:79:2E:69:E8:D0:1D:60:93:F1:28:1A:F5:98:5A:DB:4B:DB:25:BE:E9:8F:1E:9E:14:04:9C:12:66:6F:0F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
andrewdsong.com
0h11.com
1year.io
juventus.academytrial.com
nashville.academytrial.com
www.aklc.in
www.akwabamarket.fr
www.aodesu.com
www.apotex360.ca
admin.atgc.app
beamscoffee.shop
betonindia.in
bickies.nl
blyssfitness.com
app.brandbeacon.ai
brian-le.com
capionic.com
demo.capropms.in
carboncleanil.com
carrottheparrot.com
link.cashrichapp.com
ceiu30851.com
clinicasfutura.com
denverwestword.column.us
app.comprascompartidas.com
www.conradt.dev
admin.cresicor.ai
sms.cspivital.com
www.cultivatd.co
darylrue.com
decitto.de
diyetika.com
vietnam-ready.edlin.app
enor.com.ar
erpl.io
vantagens.essilorconecta.com.br
www.ethanalanbarnett.com
eversend.dev
expomontesonline.com.br
facilitysight.app
www.fengsushi.es
findadev.io
gale-x.org
genhaus.com.au
www.glitzcoservices.com
gnmacroanalyst.com
greenergames.co.uk
heds.io
hisabkitab.in
imperialsurfaces.co
console.ipsos-autoconnection.de
www.irc.africa
desty-arbai.itsyourdayofficial.com
hkl-es.jec-digital.com
joshroseboom.com
juanfranciscocordoba.com.ar
survey.koco19.com
www.lissin.in
melasmatreatment.ca
www.meralipharmacy.co.uk
erp.meratractor.com
mercedespasco.com.au
app.metaclinic.com
pokemon.meuniercharles.dev
my-maiden.com
legal.mymoons.co
acadia.nomos.health
tolu.olagunju.ng
www.onelinkforall.co
oneshoeco.com
sumoglorias.pedidomovil.es
picpredict.art
playreddog-online.com
avisolegal-smart-routes-app.proarte-online.com
lifecinemas.queliga.com
nexans.rflex.io
robyndan.com
cdn-int.setkeeper.com
qa.bomify.solongo.app
www.sorcerware.com
mudic.sparshbajaj.me
www.sportse.club
squadra.work
console.starsnest.com
www.teatopon.com
vahini-admin.teja.health
app.telemathings.com
testandgo.app
www.tili.ai
house38emenu.triggersplus.com
trytasky.com
mobile-android-staging.twingtwing.com
wecovr.com
whelptech.ca
winfill.ca
wnl24.com
www.wnl24.com
staging.xpsads.com
yslbuilders.co.uk
www.zincir.app
Other domains in certificate