Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.ubiforecast.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 23, 2026
Valid Until
April 23, 2026
77 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F8:AE:60:36:0D:B2:D9:52:72:72:FC:6C:44:FD:DD:C4:A5:CC:B2:D1:B0:E8:3E:1A:7C:9F:EC:67:7E:03:E6:BA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
beststore.app
thd-820-cert.3dcloud.io
www.abenzaggagh.com
adamtvapp.com
adaptivepomodoro.com
agilernd.com
almaglobalstrategies.com
www.aloksi.hu
www.alvenezia.it
amcostudio.net
amfi.ca
angelstrail.com
artivistfoundation.org
aslangroup.ca
astroanekant.com
atlantaloverseas.com
pac.attf.xyz
autohirebot.com
berkayvuranok.com
havmiljovogter.bigweb.dk
brainzdigital.com
www.bucatekel.net
www.cghomes.co.uk
moneyplaybook.coachjfinancial.com
code-pushup.dev
www.codecraftedphysics.com
beta.communoo.com
admin.conciergia.ai
creditoperola.digital
www.crowdform.studio
www.decisiontreekt.com
defycars.com
dentalexcellencehyd.in
chat.dittrium.com
drovto.co
eis.gg
go.mailcraft.eu.org
eyeofthetiga.com
fightmyticket.app
one.fringe.nl
shopify.gaborpinter.com
go.gasbuddy.io
creative.gctc.in
gpt.staging.geoanalytics.group
hotelacaciainn.in
link.huerzeler.app
ineteduca.com
business.inzarys.eu
jogo-app.com
kaankahraman.com
getapp.kaching.ai
kipruto.io
korshem.net
senano.lapieza.io
livestudiopro.com
looky.cloud
teste2.lupi.delivery
mcmaestranza.cl
www.milumino.app
app.monmenu360.fr
cv.morichonclement.fr
supply.mosil.app
mybitsolutions.in
namekeeper.info
live.navkargems.in
nitesolutions.se
onepercentdeal.ca
portal.oryxmovementsolutions.com
perasusa.app
www.phroob.com
www.pluspoint.charity
www.printzz.nl
profjosecarlosalvim.com.br
undivided-identities.rereeti.org
www.saascadetech.com
barkeep.schism.co
management.shiseidothestore150.app
sked.ai
staff.dev7.skool.sg
checklistapp.adminpanel.teampresence.in
www.teashopfranchise.in
www.techrave.com.au
www.telawa.app
movie.thanawat.dev
theatrix.app
signals.track49.com
treelog.io
www.trevelo.app
www.ubiforecast.com
vaijaentregas.com.br
app-enterprise.velauto.com.br
veterinow.it
app.vifil.com
ssc.vldzgroup.com
wgora.com
auth.wholeheartedly.xyz
deancollege.wiselysoftware.com
wizrds.co
fireadmin.x2mobile.net
zuporiabitehub.cloud
Other domains in certificate