Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=popyn.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 26, 2025
Valid Until
March 26, 2026
73 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
23:B4:18:00:82:7B:82:48:60:1D:B0:CB:84:37:87:61:A2:B5:3E:94:18:CD:72:D9:EE:F5:CA:00:5E:09:78:B5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
forget.finance
aclaralab.com
penanggolfclub-d3040.aimgt.info
allocateback.ai
www.amooto.nl
www.andreae.ca
johnniewalker.appliedinnovationexchange.com
sonestaguayaquil.appsiste.co
admin.bee-data.net
in.beerealit.com
buzme.app
ai2.c4f.wtf
carpinchosolutions.com
cartaccimusic.com
castalia.io
www.chiangkhamluang.com
www.classclutch.com
cleanup.website
nilgiris.yazhdroptaxi.co.in
dygs.co.kr
www.heartscope.co.kr
citronelle.com.ua
kendo.com.ua
workers-links-dev.connectiu.com
sisand.consultafatura.com.br
dann.org
desfoods.gr
digitaldentaldesignlab.com
dreamsnightmares.com
ebmanagersmusicals.com
estabiom.pl
www.ezequielestevez.com
findamassagetherapist.org
appvelvet.getcarbon.ai
s.ghiveci.com
www.giuliapilates.uk
gujratifarsan.com
guptaandmedhiraassociates.com
hoff.town
collect.huruinitiatives.com
pre-live.iipvapi.com
app.ifi.imb.br
www.inaptic.com
maksym-olha.invito.link
www.jamespickup.co.uk
www.jsilversun.com
worker.us.kiana.io
admin.koaed.com
djehackathon.kro.kr
kuusamonlentoasema.fi
share-dev.leiapix.com
madebyenzo.com
voicemedia.madhive.com
meaf75.com
meetsummary.com
migraap.com
control2.mindset.ai
minitodo.app
overthinking.mioceen.com
mobover.com
navtechsolutions.com.br
www.novotechx.com
www.numerodeserie.fr
www.objex.tech
todo.ofinventi.one
oiccmasjid.org
www.optimaltherm.hu
www.osacodopao.com
www.patagoniaventures.net
www.pedrinni.com.br
penum.co.uk
www.plip.app
popyn.app
www.qchero.com
rootedtrails.com
bytebuilder.rumie.org
track.runrevel.com
salud-digna.site
sauriecakes.com
api-utility.settle.eu
www.shake-musik.de
webhook.shimejis.xyz
onix.sistena.app
sixwindsorplace.com
www.skaneat.com
www.sparqlight.com
app-itoyokado.stailer.jp
www.steveking.site
app.streamsaver.io
mobile.sunbears.com
license-plate-tracker.taydenflitcroft.com
booking.traininglane.fit
www.vaco.app
veldre-bygdebok.no
verena-logo.at
cdn.voicex.vn
diagnose-b2b.wacul-ai.com
wendyforduluth.com
wisetap.dev
www.zkxjq.com
Other domains in certificate