SSL Certificate Analysis for app.unipay.club - Security Grade & TLS Configuration

Open Cached · just now

78/100 SECURITY SCORE

Certificate Information

Subject

CN=www.islandbridgepartners.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

November 20, 2025

Valid Until

February 18, 2026 73 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

89:EB:E9:C4:60:C1:C1:37:11:4C:1D:7E:93:A4:A6:FB:BB:E2:27:2C:28:06:C8:69:19:63:00:F8:C6:1B:3D:33

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Weak

require-trusted-types-for; report-uri; object-src; +3 more

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Present

ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Significantly strengthen CSP directives
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

app.unipay.club

Other domains in certificate

240800.xyz

269914.xyz

acaperap.com

akashchandran.com

subscriptions.amicalabs.com

www.anandconsultancy.xyz

www.andiablo.com

cms-static.dev.antiqueoverlord.com cms-static.prod.antiqueoverlord.com

calculo.app.br www.calculo.app.br

bendesollar.com

bit505.com

www.bitrotsoftware.com

sample-app-react.carto.com

chloop.com

cintralis.com

cms.clarityssu.com

clearretro.com

code-pushup.com

cic.collinxchina.com collinxchina.com mic.collinxchina.com pitch.collinxchina.com

nishandangi.com.np

www.serpoh.com.sg

www.bodrumbambu.com.tr

conpedia.info

demo.coparenter.pro

count-test.269914.xyz

djionidev.com

www.eagle21.jp

web.elpapusupremo.es

app.emolights.com

enscygen.online

ewanj.co

www.findbear.app

parts.internal.frc8033.com

reviews.frendorf.de

galaicacarpinteros.com

www.getbeat.com

getgrowingwithjordan.ca

greentecengineering.com

greetinginvite.com

groupiemend.com

www.growingpainsbook.com

app.grupokocars.com

hrpinfotech.com

lifeplus.in.net

www.islandbridgepartners.com

johntylermccarley.me

www.junctus.net

demo-parking.junkielabs.in

www.kashsteel.com

app.legalone-analytics.com.br

docs.mentaport.xyz

metroglobalholdings.com

regi.mithibaikshitij.com

app.mjunoon.tv

www.mygiftacademy.com

agendar-homekit.mymoons.mx

ochterbeck.de

get.openkey.co

www.orgzly.com

mix.pathway.vn

petetheyeet.io

hello.pixelgenau.com

pkth.co.za

app.plusthat.com

hooks-staging.pottos.jp

track.protexivegps.com

www.psikologevim.com

shipbob.rabot.us

www.rahulsood.com

review.sandsberg.de

scolarlyedge.in

plunder.shadrach.dev

snapill.com

kemna2.solongo.app

somlfinventory.com

songmu.jp

starzl.com www.starzl.com

stox360.com

syntelgov.com.br

task7.co

techsaleswalt.com

m.touchplan.io

traficowebcam.com

tricolors.app

staging.truesafetyeval.com

unbrandedcattle.com

westleytan.com

satsang.work121.com

www.wyrddata.ai

xbrief.ai

sonapaper.xyronovo.com

yahdig.com

yieldproindia.com