Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=karvay.in
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 09, 2026
Valid Until
April 09, 2026
83 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B3:44:B3:12:86:EC:43:33:F6:5C:C9:2D:F2:09:53:5F:10:30:B2:F1:49:81:09:57:D7:01:08:55:6A:C6:E7:76
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
pineapple.pictures
011231.xyz
www.1948mgt.com
3whitelines.com
live.7founders.com
abbapsicologia.com.br
www.adityashelke.com
www.affilliatenetwork.com
www.ambervalleyschool.org
test.andoresudevs.com
audenvoxleycomms.com
admin.autodriver.cl
www.aztecasys.com.mx
links.baneks.com
bannisterpr.com
www.stats.baseball-connections.com
boogz.network
internal.byvinci.io
beta.calebplain.com
www.celynxie.com
chatswiss.ch
claradravelllegal.com
www.rashailinfotech.co.in
kosiachtany-staging.grobox.co.ke
dawinstone.co.kr
saludatualcance.com.do
sat.com.pr
www.ekdant.com.sg
ctrlzdesign.com
davidgalvis.com
dentalcare-guide.com
www.digitrack.online
www.eiebox.dev
einoapp.com
www.eshannimesha.com
www.euro-cross.de
euslenergy.com
experimentalwebpage.com
finepixedit.com
www.garage-pass.com
www.geognosis.app
www.goodctzn.com
granmeal.com
www.hyper-aire.com
ibrahimcehic.site
ifixft.ca
newstage-foodcourt.isthara.com
ivanbellezza.com
ivanoiualex.com
a10recipes.jamesonb.com
kanau.page
staging.kangacoach.de
karvay.in
khanoo.com
www.kohinoorr.in
laffoca.com
lakahawaii.com
laqoo.id
layilahnasser.com
www.lighthole.lk
loserthovaobrazy.cz
admin.lunafood.com
my.maare.app
madsamcomics.com
manuellopezreviriego.com
app.mesac.org
staging.mlink.no
munice-hluboka.cz
www.mygaragepass.com
onb.kz
board.opwoco.com
app.pakmo.co
apps.playnexx.com
devchatengine.proxtera.app
artesanal-imobiliario.qitech.digital
www.qsoftsolution.biz
bridge.test.rpm.quokkacare.io
www.riskeeper.global
rizzapp.tech
www.rocketeer.fans
motorista.rodeiro.com.br
rumon.shop
www.searockinn.in
journal.seefar.dev
www.sridroptaxi.com
svjsconstructions.co.uk
nolhagaberg.tftc.app
i2.digitalservices.theskyfallen.com
tolivesober.com
rollup.twsk.io
umangjalan.com
unicollectors.com
api-omega.upflowy.com
wex.vaultps.com.au
viscerallabs.com
stage.wagnerguide.com
welcomehomesecurity.net
dl.weye.in
world-trip-express.com
link-brompit.mokitadev.xituz.com
Other domains in certificate