Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=pay.apphive.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 15, 2025
Valid Until
March 15, 2026
80 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CA:38:4C:85:63:A6:71:3F:98:D3:29:FD:22:AB:00:EE:1D:86:56:30:2C:18:F9:DF:31:C8:4B:B5:45:BA:A3:DF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-QdXV22DA70bNqCupKF5o8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.ksecret.com
www.1123eleven.com
app.1ludo.com
apiguru.org
pay.apphive.io
b2b.bbcr.eu
www.bholebaba.com
threadmaker.bluerobot.com
casadelbeige.com
catalystlabs.io
www.charlottetennis.us
angloindian-manage.classet.in
vasista-manage.classet.in
clearoptic.ro
auth.cloudercoder.com
www.coinquoter.com
erp-test.cpocloud.net
www.cyberhms.com
dartcannon.com
www.davis4worcester.com
dereks-dough.com
app.digitalpoolleague.com
www.dinox.com.co
alpha.diyaflow.com
www.dornwellcurecenter.in
edumynd.com
obc-link.ehubstar.com
admin.emaiswallet.com
everydaysamething.net
evesue.com
admin.evyaapar.com
installers.fastsigns.com
admin.flexi-vi.com
www.frameluxmedia.com
www.gencoreai.com
dev-www.getbap.com
auth.getpackup.com
giannispizzeria.com
www.glm-tr.com
gozetech.online
gsscyber.com
healthies-varna.com
hendua.com
comics.hogsrule.com
qa.idmx.io
36e.impactwrap.com
admin.indexoflife-qa.com
innabook.com
backup.irts-one.com
www.jeggert.com
www.julien-theme.dev
kchopp.com
kevin-marques.com
krassgeil.de
dev-admin.kruwurk.com
kyserlawplc.com
laitman-facts.com
unla.lapieza.io
tools.littlesymphony.ca
lucasross.dev
push.project.mathematikoi.co
meibokuren.com
www.menchascraftbeer.com.co
blog.miryoku7.com
modernfakir.us
www.murcianys.com
www.natrajmasala.com
pymd.nextgentechdaily.com
niloktar.com
www.nvcspace.com
go.o7digital.com
www.octakode.xyz
gaw.ohgenome.com
onlinegaihan.com
pfonseca.com
photo-p.com
polemovebook.com
qingluanfeng.com
quasar-legal.com
radoslav11.com
ratetherefs.com
connect-customer-ng-admin.rxoconnectuat.rxo.com
saltybytes.au
app.sennder.com
shopfancyleds.com
ithelpdesk.smbtecampus.org
www.sneakytools.io
soatcamp.xyz
soccerwatch.de
spreadsheep.io
www.techdigitalcard.com
thepropour.com
www.theslipperymackerel.com.au
www.truepay.com.br
platform.use-action.com
valgap.pro
www.vismal.com.br
wadihhannouch.com
todo.wichanart.dev
zorbeeskitchen.com
Other domains in certificate