Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.ursem.ca
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 25, 2025
Valid Until
January 23, 2026
59 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B6:B1:2C:2E:B1:D1:B4:B1:10:98:0D:FC:DE:57:34:21:D9:C3:4D:A7:D3:30:D3:2C:33:F5:79:A2:CE:D1:1C:AD
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
c4f.wtf
academyonboard.com
sample.acgagency.com
firebase.activatortube.com
fb.alerzo.com
www.alexandjanine.com
www.andromedacircus.com
antikus.lt
apeiron-vr.com
arafimam.com
aummetals.com
bhmun.org
www.bingokeynote.com
phonics.brainsprays.com
community-service-hour-finder.brendanharan.com
uhcpbc-storybook.bswing.com
www.cavargas.com
admin.2ndhome.co.in
cochonbyob.com
webapp.dev.conroo.com
darth-coder.com
datawarehousegh.com
www.dgd.business
dlynett.com
fattypattyrestaurants.com
fkatelyn.xyz
www.flowpodcast.com
restaurant.dev.fuocos.com
georgiaproud.com
dev-swornstatements.gettonote.com
devlinks.gintaa.com
m.goondae.com
hhp-s.de
www.ibuprom.pl
adobe-staging.ideacloud.com
flagga-stage.ingka.com
itmr.dev
ivanscherbina.com
karaar.com
kallakurichi.kishoredroptaxi.com
kanyakumari.kishoredroptaxi.com
nilgiris.kishoredroptaxi.com
thiruvallur.kishoredroptaxi.com
londres-dev.klarway.com
laperlaht.com.mx
www.locusstore.com
mygolf.lovable.solutions
orgalife-admin.m1studio.co
magnilavis.online
dskru.misschool.net
mohalkarplumbing.in
www.booking.monachriding.co.uk
mprojext.com
dl.msiejak.dev
gifts.my-christmas-buddy.com
dashboard.mynextderma.com
roggiafanpage.nglcila.com
nolabelsboxing.com
www.our-company.ru
www.panelrambok.hu
reality.pawsey.org.au
petastorm.com
www.presenting.xyz
www.prosafeacademy.org
purrcoin.org
web-conset-staging.redfox.dev
redsensei.dev
www.refreshphase.com
restoguru.in
www.sahlhub.com
www.searchera.io
www.serboli-bureau.com
app.simplyrealtech.com
hellogm.snnanalytics.com
www.spvdeepak.com
app.sunexpress.com
teamwinter.nl
techsline.com
topr.tennander.se
chuyenkhoan.thanhdt.dev
www.thatdogmachine.com
dev-viewer.the3dapp.com
www.thecleanwaterpool.com
app.thelewisclub.org
thelotusarc.com
titlewhale.com
app.topotemps.com
www.toybrush.com
help.tutorme.com
www.universalstudentuk.org
app.untzuntz.com
www.ursem.ca
www.vigobeatz.com
www.vinayvissh.com
visitkota.in
webetapp88.com
portal.wellings.net
wizepeeps.com
www.pointers.xtalstrategies.com
dev.app.yuzu.hr
Other domains in certificate