Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.pos-rest.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 22, 2025
Valid Until
March 22, 2026
70 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1F:07:5B:93:5E:64:72:47:86:F5:3E:EC:20:A4:16:AB:05:41:09:EA:9D:A6:88:94:15:FB:5D:26:A1:6E:A2:C5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
novigado.org
alejandrofernandesantunes.me
www.anotend.jp
cdnstatic.arbul.it
benstrobel.de
links.berlinhistory.app
brellahomes.com
gcp-us-east1-08.dev.app.carto.com
cleancrazeni.co.uk
bhagyesh.co.in
creatoors.com
www.curtiscali.dev
cyberlabstudios.dev
deltaprompt.ai
admin.dosehelper.com
www.drogariasorange.com.br
www.drsamuellenald.com
espacoceramicaimoveis.com.br
evelope.app
app.fichaje.cloud
filipearruda.com
fivesix.app
www.flatbread99.de
web.friendtab.app
expenses.geocentral.pl
auth.gleeo.com
app.greenlink.dk
guyenergy.co.uk
www.halfcourt.app
healthmatters.insure
hirist.us
www.icomuae.com
indvstry.app
blanchospital.hml.portalcliente.izii.io
jobsintech.live
karate-do-prien.de
kevincartersmith.com
portal.khalha-lk.com
kieronsmith.co.uk
limpiezabrillanet.com
dashboard.llamalink.ca
go.lochbox.app
chat.logivan.com
openquote.logivan.com
maxidecesare.com.ar
mealmachine.app
www.mikezamayias.com
millylee.info
go.dev.mo-t.com
webapp.mpn.rip
www.diagnostics.myprism.co.za
esign.nablasol.net
pic-sgdefraud.mentor.neccton.com
www.newartisan.it
www.nikolaevadesign.com
www.nummels.com
okdsc.com
perfai.ai
pezziimoveis.com.br
plantpoints.app
plusabana.app
link.pollsforimessage.com
app.pos-rest.com
intra.ppkbh.dk
praguerocks.cz
proactivist.in
prodyogikisol.com
www.blendcharonne.order.pulp.eu
reactradio.dev
www.robert-roehlinger.eu
www.robotjurist.nl
tools.samolink.com
agenda.scalifra.net
scamcheck.app
www.shoharab.com
shopsnearme.app
contact.smartcart-tech.com
reports.smirkus.org
sociary.app
sparx.fun
splashysprint.com
edu.steamplug.com
strangepunk.com
www.tactibots.com
test.techcareer.io
portaal.tfh-holland.nl
map.thinkair.co.uk
tmdemolition.com
triamisi.gr
ukdrivingtest.trutest.in
iu.uniti.life
unluckyvalidators.com
peter.ursem.ca
vastavya.in
vibecook.app
app.visionnanny.com
status.voto.vote
web2app.app
admin.fuas.wowdesk.jp
yourdesignjuice.com
Other domains in certificate