Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=sig.xink.in
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 03, 2025
Valid Until
February 02, 2026
74 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4C:53:4C:96:4B:BE:40:35:F5:8B:D0:1E:A1:DB:39:CC:BE:81:B4:43:DD:7E:98:CA:7E:96:7D:0E:D4:E7:E8:19
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
deanzasmiles.us
141.agency
qoz-roomplanner-test.3dcloud.io
app.advanbase.com
alasconsult.com.mx
alchinfarm.com
alight.link
app.dev.andteam.com
ashtondoughty.com
asociacionsilbogomero.org
www.auto-quality.in
zh.awesomepiece.com
mypause.banterdev.com
blipsy.com
pos.blutechthree.com
brokerwiz.com.co
app.buildahottub.com
call-video.live
collc.tv
www.collectaeon.ai
www.collectaeon.com
genie.comfyspace.tech
consorciei.com.br
www.consorciei.com.br
couldbe.net
courierec.com
gh-admin.cross-switch.app
checkers.deannastanley.com
desirecarclub.com
devverso.com
dichvuatb.de
digitalmessia.com
droidtechhq.com
cms.dtpayments.io
www.dwriz.com
admin.econstruction.academy
web.expert-network.io
fisiocosmeto.com
www.flowerdeer.kr
www.formbaker.com
forwardlabs.tech
indagostg.futuracloud.com
ghareep.com
www.gialb.club
donate.gofundra.com
healthviewapp.com
higorbelem.com
www.icmgroupe.com
impletio.eu
www.jorigames.com
kevinhj.com
kidspireco.com
www.kolva.nl
www.lcpbroth.com
test.lifestory.us
chiba.linx.live
lockercare.com
mobileapp.marina-punat.hr
wishlist.monkey-projects.be
ads.morphify.club
www.musaff.com
musicraynmall-capsuletoy.com
myklassrum.com
nom.legal
weather.nyamikan.net
www.odania-it.de
funbook.org.in
papeer.ai
auth.app.payerprice.com
plomberiepeltier.fr
poesia-magdalenadermisek.com
www.pomodoros.me
prelaboral.com
test.prepdup.com
www.primarydoctormedjournal.org
www.psycare.jp
ranking.doctor
nx.uat.realtimeknowledge.com
www.rgordonr.com
user.richiesrider.com
collect-emails.riessgroup.com
ncvkdu9cjzrfq646wumt.smartimob.io
convert.soccerwatch.tv
spanara.app
console-alpha.spont.cash
syadwadyuvaclub.org
streaming.theballetphysique.com
www.thehimalayaacademy.com
www.thesilverbackway.com
cd.tutamkhamon.com
tutel.no
txg.app
static.unicornsurvey.com
xab3.exchange.dev.uniqgift.com
prasmul-eli.vania.app
vinro.co
virkin.me
www.whiteout-climbing.de
auth.worldtone.com
sig.xink.in
Other domains in certificate