Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=invoise.primosa.in
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 29, 2025
Valid Until
March 29, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BB:2F:C0:21:F3:AA:96:67:83:C9:FB:43:4C:CB:A5:7F:63:02:9B:FE:69:93:23:64:A2:43:05:77:0F:2A:4D:E2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.kingfishercc.co.za
2025.ulsteinsf.no
bud.3rm.fr
ontology.acomagu.me
wheet.acomagu.me
agrosafran.com
ai-synapse.org
fungus.allesbunt.ch
anywheremed.ph
app.saude.atla.pro
badomimarlik.com
www.bardibasdigital.com
boligassistent.no
www.browserfocus.com
www.byondfx.com
callforhelp.co.uk
testusdz.cmouse.app
kidsattractions.ynet.co.il
www.liquourlogic.co.ke
www.codesharkai.com
collegeclub.io
swipe2date.sameerlamichhane.com.np
der-pate.crime-cases.de
www.daebaktongsin.com
www.deepransom.com
test.chargepointgrants.dft.gov.uk
divyanshvijay.in
www.drvikramaditya.com
echoscams.com
www.energia-siedlce.pl
www.esgie.com
familiphonecell.com
builders.flowco.com.br
gbridges.app
globalgors.com
www.haffe.fi
curator.heny.app
nguyenduykhuong.id.vn
portal-bradescard.inter.mx
www.jamdesignsalterations.com
admin.jdla.org
webcontroller.jiroplay.com
jobprefer.com
admin.kabadmandi.com
www.kangacoach.com
www.karanmishra.dev
auth.legacyoasis.uk
www.lorenzobaratti.it
www.meergraph.com
meetmaeva.com
metsights.com
mjdispensary315.com
www.neuroamar.com.br
nevansgibson.com
actions.nology.io
admin.northfi.com.br
www.ntcmuhendislik.com
beta.palmexus.com
beta-control.picks.com.br
pilapptes.com.ar
www.pointseasy.com
invoice.primosa.in
invoise.primosa.in
prototypekit.com
qalames.com
www.qubic.market
xldor.nullpro.qzz.io
rafsoft.com.br
book.appt.rapo.app
regioexpress.lat
lp2f.resperate.com
app.restok.cl
www.rudzani.tv
www.sandbyrum.se
palace-staging.scouthub.app
serverlessworkshop.dev
vtc5.simpliroute.com
www.smartcineplay.com.br
speech2subs.com
spirus.app
spotted.gi
staging.sspnet.nl
bodafatimaynestor.swanmoments.lat
development.tadaexperiences.be
taiga.fit
payrollv2.texcloud.app
www.therockies.es
tintpreneur.com
www.touchingtheart.app
www.tripeo.app
adroguerunning.turnosweb.app
payouts.ufunded.com
www.usac.app
v2amdischarge.app
www.vashongo.com
recorder.video-recruit.app
www.voloventures.co
tetroblocks.vshyrochuk.com
www.waxvm.com
zanegrowth.com
Other domains in certificate