Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=social-auth.bank-api.net
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 19, 2025
Valid Until
March 19, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
03:5B:38:44:0E:FE:B5:E3:77:36:2F:16:05:DC:0C:72:D1:D6:39:3B:BC:10:AE:4B:70:36:19:0B:5A:25:FA:1A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.innovativeinfotek.com
adityam.dev
studio.afterlife.ovh
www.agimexsulama.tr
aisearch.alignteamidx.com
app.ally.is
angelskimi.com
social-auth.bank-api.net
kavak.bel.tr
www.beyondaico.org
www.buddyb.co.uk
cbtjournals.com
codztech.in
colorfle.com
asgardian.com.my
www.costumesbycrystal.com
ctlife.us
culinarial.com
www.cyberapocalypse.co.uk
dalit.click
hibou.dataauchan.fr
www.dawsonfamilydental.com
deephorsetexts.com
dfwnow.online
digitalartdentalclinic.shop
dishekimiara.com
elbeytpromotion.com
www.elbeytpromotion.com
ai.elisharudenkov.com
elporten.no
emanuelemeggiarin.it
energysolutionsbr.com
engageproject.ca
kiosk-stage.enkept.com
order.estabulo.co.uk
eventolucas418.com
www.facetouchmonitor.com
fionadumais.com
fuerdich.studio
greedyworks.io
gsunsolar.in
www.gxor.net
gyantey.com
hamburguesaslafogata.com
hats.10110.dev
facilities.hotwax.io
nrg.staging.infocentre.app
links.injoynow.mx
insanosonline.com
invescoid.in
hoangbt.io.vn
itsacadamey.com
ivpankaj.online
www.jetpack-games.com
arena.joshuabennett.dev
juhelfleury.fr
www.konect.to
www.lafacil.app
lakesidemedicalspa.com
likeligood.se
manasys.jp
www.martinhenle.de
metaforico.com
webapp.midpointfx.com
af-app.murallink.com
www.osmo.dev
outbreak-social.com
order.ete-indien.mercurest.paymytable.com
pgslotenonline.live
www.pmnlpro.pk
prima-wald.de
pumavex.com
plus.refquest.dev
ribbefan.no
rune-apps.com
sepolia.saga.hot
sanketdev.com
azusa3.sanographix.net
severin-urbanek.de
simplediaryapp.com
dev.siteauditpro.com
auth.tanwir.institute
taployalty.com.au
verification.tapvector.com
link.tdchess.com
www.themarketingrobot.com
thethirdman.online
www.togetherly.me
tomhobbs.online
tristoneglobalexports.com
upzure.in
vincikit.com
mathe.waldmueller.eu
wcellars.com
wedzee.com
auth-stg.winticket.bet
zakesoft.com
qa.zinnect.com
zonai.nl
zyven.tech
Other domains in certificate