Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.infiposs.in
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 07, 2026
Valid Until
April 07, 2026
83 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
75:F0:B6:3D:B4:11:D8:05:A4:22:E2:67:5D:67:91:F6:07:6F:6C:64:B6:5A:20:FB:0B:A6:9E:32:23:E5:39:D3
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
hashcodesoftware.com
www.abadialaica.com
www.abdullahsumbal.com
abrehman.site
assistant.ademaid.fr
www.akshantjain.com
patterns.alexjball.com
antoniodoradosalguero.com
artistmgmt.org
autopasteapp.com
demo.lcfi.autorolainspect.co.uk
demo.rc.autorolainspect.co.uk
binarywolves.space
boariomasterclass.com
www.brenoavelheda.com
brenosouto.com
cabradati.com
career-fusion.com
carlostapiadominguez.com
chopinthroughthewindow.com
ciotlabs.com
vento.co.id
careers.funxon.co.in
www.cornfieldvoice.com
craftwork.global
app.crispurl.com
video.crosslog.life
devandchill.club
devfest-2024.developers-group-dijon.fr
devulsoft.com
app.digitaldentallabmg.com
dragonridergames.com
yegnataxi.dunyatech.com
durgaitravels.com
easy-aao.com
edapsikolog.com
entrecampos.org
etmclovin.co.uk
www.eveezi.com
fannie-and-giannis.com
faviconforge.com
smart.feedbucket.io
focus-admin.com
gamestason.com
ganarefacil.com
gingersexkitten.com
godrejmajestyphase2.com
healthpointsfitness.com
www.helka.krd
namnguyennn.id.vn
nghiant202417258.id.vn
incognitab.com
app.infiposs.in
interlinkgame.com
aplus.ndh.io.vn
jarowahouse.pl
www.jarowahouse.pl
jesse-schneider.com
www.jeyprotein.online
jforbes.io
greendodo.jingjietan.com
jpcustomworks.com
jurinsystems.com
rsig.k7-software.com
www.kgshia.ng
laketahoevacationrentals.org
landmtodo.com
logik.ae
www.lupuslabs.space
mnmcleaningllc.com
app.mscloud.xyz
static.mscloud.xyz
www.mycoffeemap.app
myvcardgh.com
newyorkfashionhouseinc.com
nodeanshepherd.com
nritracker.com
galt.optimatech.com.br
www.plaquer.co.uk
ko.purephotos.app
purviewx.purviewtech.ai
www.reap.studio
renzocallachavez.xyz
sexygear.store
shelleylegion.com
signershub.com
starthaven.com
stov.io
www.timelogger.app
bancoveridico.timp.io
transportestec.com.mx
adm.truckmaster.app
tumin.io
chef.ummejahan.com
reporting.mojo.una.events
vergba-app.no
www.virtualfriend.ngo
overlay.xcwalker.dev
xenikii.one
xoalgestion.com
Other domains in certificate