Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.4leaf.co.in
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 24, 2025
Valid Until
February 22, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7A:07:96:98:B1:14:1F:54:70:97:AD:F4:9B:C6:05:1B:48:89:AF:0E:2D:D5:5F:FF:71:78:38:0A:3D:AF:EB:EB
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
ipmmakine.com
firebase.aldebian.com
app-vitabilanz.de
account.arrowhealth.io
www.barnyard-noises.com
angular.byronbrown.dev
app.caveo.ch
eternaltech.co.in
www.4leaf.co.in
www.eternaltech.co.in
www.taxplan.co.in
www.enviwise.com.my
hml.conectagrp.com.br
cpopsistemas.com.br
undial-test.service.deloitte.ai
drdeb.co.uk
www.eigopurezen.com
einfach-anstellen.com
ejadclub.com
www.elementalexperts.in
chapter42.epseelon.com
dashboard.evnlogistics.com
examrider.com
kboxrise.fiflboard.com
fluxion.at
a0ip.foodle.su
foodmoa.kr
url.gianmario.it
pages.guru-pon.com
www.haidarcorp.com
happyontheroad.eu
hiddenuser.com
www.homesteadr.co
www.howardsbb.com
stage.infoskop-dentalxrai.de
www.israeltshitenge.com
isswarrajgopee.com
research.jingjietan.com
jjvflooring.com
www.jkpalace.com
www.jorickvanhees.com
jptademe.com
knowlabgroup.com
kubwaventures.com
c.legala.no
www.limousineintexas.com
mta-sts.linjacobs.com
dash.lisa-iot.pe
www.macro-cheat-sheet.com
seshat.maferland.com
sp.makorino.com
dev29680.mana-surf.com
milescape.com
minamidayo.blog
chopp-fralda.mrjob.com.br
neerajsunil.com
app.nextmoveshippingja.com
nomoscribe.com
watch.noodoe.com
nurfed.com
staging.link.omgevingsalert.nl
ear.orchestra4edu.com
oyandow.com
piercingserviceuae.com
popeknft.com
portorchardwebdesigner.com
prende-la-luz-tu-luz.com
qcha.ovh
raneentech.com
rentkirkland.com
restfulmindco.com
reymondmontero.com
rivianarms.com
robertpauw.com
happy.ronne.dev
sagaraglobal.com
order.scanalyticsinc.com
scribblecal.com
stage.simplesell.com
titan.onyx.site2020.com
smartdream.es
nesbru.snapmentor.no
sniffmydrink.com
solar2dmarketplace.com
stockbetstalk.com
open.studentfy.com
www.tangiblebytes.co.uk
taralnest.com
thecerealmixer.com
mix.themediatrade.com
www.thoughtafter.com
tokyo-neet.com
www.tour-pins.com
app.unrambler.com
vladimirgutierrez.dev
wordydoo.com
www.yeahlife.com
www.yomumo.net
you-mingle.com
zazzy-ai.com
Other domains in certificate