Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.getzippin.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 21, 2025
Valid Until
February 19, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DD:04:AE:1B:29:4C:1C:C1:39:A5:70:76:9A:19:BA:79:17:7A:1E:C2:FA:CE:B0:B3:79:18:5E:BF:5F:05:E0:D3
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
mywater.agency
www.africa-foods.com
web.airgift.app
alienbrains.in
annaangeliqueporte.fr
postcard.anthonynolan.org
dev-pos.apps2serve.com
ask2ai.app
my.atcha.app
masque-solaire.azimutis.fr
tss.bal.sg
www.bandlib.com
bileier.app
bluerimba.com
braun.app
wpbl.cao.app
links.chalkboard.io
trainer.cirqit.app
cloudscaff.com
bangtansoft.co.kr
notes.code2d.org
app.fanpay.com.tw
portal.conny.tech
copseauto.co.uk
editor.cv-quick.com
www.devinowen.com
dgoossens.nl
www.dgrexcavating.com
www.digiwil.nl
e-periwinkle.app
www.ecofureteur.org
effie-guenther.com
pharmacies.essentialclinic.ca
www.evtn.co.jp
weight.internal.exi.tools
staging.ez.plus
www.farmball.xyz
app.feemagie.com
dev.flagseeker.com
lift.fndrsng.com
career.forbesjapan.com
fx-labo.app
geeteeholdings.com
app.getskylar.com
app.getzippin.com
hackd.net
hauntable.top
bustadklubben.hsoldal.no
idproductions.co.za
meditation.indianclassical.org
app.indiskaboxen.se
www.inviolavelmaringa.com.br
www.isciencepoint.com
app.juggleboard.com
payments.kavkrishapps.in
kooh.me
hris.kukerja.id
platea.legasint.com
dev.partner.lunchnow.com
maladjusted.live
mattlorne.com
www.meet-think.com
www.app.minorganisation.se
www.mistergreenlease.co.uk
qr-code-generator-web.mohammed-najib.me
guild.demo.movello.se
muditkapur.com
www.multiplybing.com
naboo.capital
www.ama.ne.jp
peterfarm.neverland.finance
omr.tw
www.opdrburakbayraktar.com
opti-fit.su
dev.orgnicer.de
www.pixs.app
pnp-utils.de
bv.qp.is
qurankarim.app
open.rastreator.com
researchdesk.io
www.rianor.com
rinky.wtf
ruzsadent.hu
www.sifty52.cz
www.slaveous.com
adnetwork-adhost.spaceeight.net
www.sportsvision.co.za
strabar.com
studio360photography.in
www.swiftaccountants.com.au
steps-beta.synthesizer.tokyo
www.tarnokymezes.hu
www.tawalab.tn
pinklive.the-pink.club
john.virtually.coffee
www.visheshdev.in
www.voxigoaac.org
link.wedew.id
wyrddata.ai
Other domains in certificate