Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=plan.incon.ai
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 04, 2025
Valid Until
January 02, 2026
53 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1B:F5:59:7A:8F:7E:21:78:4C:24:47:00:05:88:60:3E:1F:C9:C6:70:44:6E:53:B8:2B:1D:61:83:74:75:C6:0C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.match-analytix.com
app-plus-scoring.1stcutoutings.com
web.5f.app
www.amanda-matthew.wedding
amitdante.com
architex.at
admin.art-code.co
admin.bacchic.co
bluecoppertech.com
i.brite.co
brococo.co
www.cabinetscanner.com
cargonowlogitics.com
changera.co
chittaradangala.com
cicalasound.com.ar
app.teletext.co.in
boxoffice.tikiti.co.zw
codesense360.com
cecilwhig.column.us
wj-ku.kuracjusz.com.pl
monitor.juango.com.uy
www.connexusdigital.com
conny.sg
signin.continuata.com
oceedee.css.club
www.danieloreilly.ie
degerbul.com
bisnis.deoapp.com
www.bagnolet-noue.desirsgeographes.com
rhfacil.dgsys.com.br
dipendentistatali.it
easehealthapp.com
app.edhstat.com
lds.edsys.com.br
escaperoomwaiver.com
schema.ethanvoth.com
cruzeiro.rafaelabreu.eti.br
app.fadeawaybunny.com
fastorder-app.com
www.fun-facts.nl
go.funeasylearn.com
dash-dev.geniusrepair.it
getbauen.com
finanzas.gfranzella.com
app.go4guiding.co.uk
gplps.org
green-zone-turf.com
grip-athlete.com
www.gsmath.com
www.hannapetersson.se
higherlowermovie.com
www.highs.info
excelinn.s.hotekan.com
iamasoft.com
doandaiphuc.id.vn
admin.ijaarahub.com
plan.incon.ai
mvl.plataforma.inobram.com.br
ipresso.tv
kama.co
lalomts.com
www.lendl.co.za
magicexhibits.com
www.magnusnilsen.com
mamaavinka.com
forms.mantra.chat
app.matchmx.com
aclass.mka-karate.org
manager.mymagicchat.com
www.nut4health.org
sellers.offerte.club
anebhi.ge.orchestra4edu.com
verify.parscoders.com
outlets.partsportal.co.za
produktpass.se
roderick.purwana.net
lp.realcross.co.jp
richmondrodandgunclub.com
rishabchakraborty.com
web.roundz.jp
www.ryanskeg.com
www.seanap.tech
profile.t3i.fr
stage-job.teammaker.info
dd.tecfy.co
hyundai.teuestoque.com.br
bowlingclub.threeword.com
www.tomkamphuis.nl
app.trackcargo.co
rentmanager.traser.io
emr.tsiba.io
capstone.ucn.cl
www.vaxljus.se
www.versus-experience.com
develop.vocacoord.com
www.wijn-proeven.nl
windoe.band
card.xptoconsig.com.br
kiosk.yaks.club
Other domains in certificate