Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=cherry-app.kpos.store
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 03, 2025
Valid Until
March 03, 2026
83 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
7C:79:18:B2:95:CB:94:C4:91:15:26:32:2B:57:64:2D:34:C5:EF:00:CC:2D:75:B5:FD:A8:34:E4:E1:A2:D6:DA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-Nji05pQ2KfvyQQh2A5igRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.thequranclassroom.com
internal-admin.acuizen.com
aerialwallpaper.com
screeenshot.africasunrise.com
app.allezemm.at
contacto.amco.me
www.anuplifestyles.com
artigoquinto.ai
bananapicker.com
google.blobattack.com
blogee.co
boomerchecker.com
app.brightchecker.com
brittoapps.com
app.butterflyit.com
kids.byjus.com
telco-demo-react.carto.com
i.chiper.mx
demo.chlcharts.ca
cmpltr.co.uk
www.cmuchippewascamps.com
smmile.co.bw
chefintlv.co.il
akshikacarecentre.co.in
coastalislandcove.com
computerproblemsolved.com
contactusnow.in
serl.cxipl.com
dashlms.com
datahorse.ai
daylight.hr
link.defleppardgame.com
devflix.io
dexrider.net
dhamaka.cricket
dharrison.dev
easypackapp.com
eatonomy.co
emiiwado.com
polls-msgs.polls.ewuraba.co
financialtrex.com
football-system-book.com
admin.forallcommunity.com
links.forghetti.com
genalytics.co
gesatel.com
gialb.club
go-schwerin.de
growthstudio.in
hwcoin.org
ihcp.io
ikude.jp
web.appdemo.infobrcorp.com.br
m-ai.jombay.com
cherry-app.kpos.store
links.kurobi.app
www.laaroussi.dev
lazerthrust.technology
mrtracker.app
niftycards.shop
nonodename.com
ciam-dev.norbr.io
www.omnitechelectronics.ca
aoc.orwig.app
www.philipp-ladich.com
pijuan.dev
link.pipfeed.com
pracakomisje.pl
www.toolbox.qlouder.com
www.qurrehealth.com
adminpanel.radiosa.biz
my.referencing.app
storybook.samply.app
bournemouth.scouthub.app
www.sharonandjake.info
www.shosuzukidesign.com
sosclickabogados.com
hantsch-app.speakylink.com
sphoorti-tools.com
stickersromania.com
www.subacom.com.pe
table4.ai
animefilter.tapuniverse.com
thehikingguys.com
www.thesainifoundation.org
thesaurum.thetislive.com
thomaszachariah.com
tiktokdo.com
timur.dev
owls.tokapp.com
toplay.app
laufcampus.docs.trayn.com
twinpacs.com
app.unspun.io
verbaholic.com
verbsofmotion.app
www.vishalaiely.com
mieter.woonig.app
xtopia.me
patyegarang.yalbilinya.com.au
Other domains in certificate