SSL Certificate Analysis for escrowpay.in - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=cloud-on-twin.city

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 17, 2026

Valid Until

August 15, 2026 74 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

0C:82:47:B3:11:DD:D5:9D:14:AA:66:B9:31:DC:31:6F:DC:BD:54:4E:DA:19:8F:07:48:A6:51:44:AA:F7:9E:E8

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

escrowpay.in *.escrowpay.in *.b827c793-dee8-49ab-bb22-3df90b138842.escrowpay.in *.black.escrowpay.in *.citrix.escrowpay.in *.dns.escrowpay.in *.ftp.escrowpay.in *.m.escrowpay.in *.magento.escrowpay.in *.mail.escrowpay.in *.mobile.escrowpay.in *.omsk.escrowpay.in *.owa.escrowpay.in *.oxyzo.escrowpay.in *.random.escrowpay.in *.sitemap.escrowpay.in *.sitemaps.escrowpay.in *.smtp.escrowpay.in *.webmail.escrowpay.in *.wiki.escrowpay.in *.zimbra.escrowpay.in

Other domains in certificate

ahicn.com *.ahicn.com *.m.ahicn.com *.pi.ahicn.com *.q4mqst.ahicn.com *.www.ahicn.com

asapculture.shop *.asapculture.shop *.fnkb7x.asapculture.shop *.m.asapculture.shop *.webmail.asapculture.shop

cloud-on-twin.city *.cloud-on-twin.city *.www.cloud-on-twin.city

investingbb.com *.investingbb.com *.m.investingbb.com *.mail.investingbb.com *.webmail.investingbb.com *.zn8rjf.investingbb.com

*.88d38b09-0b2e-496c-b3dd-7bc9ffadd2dc.katchberg.at *.app.katchberg.at *.backup.katchberg.at *.beta.katchberg.at *.bwjmlfrt.katchberg.at *.crm.katchberg.at *.demo.katchberg.at *.emv1.katchberg.at *.forum.katchberg.at *.forums.katchberg.at *.iyxpjs1.katchberg.at katchberg.at *.katchberg.at *.mail.katchberg.at *.old.katchberg.at *.remote.katchberg.at *.s1.katchberg.at *.shop.katchberg.at *.temp.katchberg.at *.test.katchberg.at *.wiki.katchberg.at *.yfotlwda.katchberg.at

*.app.minimarketpro.com *.cpanel.minimarketpro.com *.cpcalendars.minimarketpro.com *.dev.minimarketpro.com *.ebdisk.minimarketpro.com *.mail.minimarketpro.com minimarketpro.com *.minimarketpro.com *.rustore.minimarketpro.com *.sitemaps.minimarketpro.com *.webmail.minimarketpro.com

*.api.sokflare.com sokflare.com *.sokflare.com *.vpn.sokflare.com

*.random.terracotta.com.au terracotta.com.au *.terracotta.com.au

*.cloud.virtual-vault.com *.m.virtual-vault.com *.rd.virtual-vault.com *.rds.virtual-vault.com *.rdweb.virtual-vault.com *.remote.virtual-vault.com virtual-vault.com *.virtual-vault.com *.www.virtual-vault.com