Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=netcabs-hub-test1.ingogodev.net
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
46 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
09:D3:67:BE:BD:21:2D:CE:48:68:87:46:B5:D9:0B:65:83:0D:43:C1:08:9E:8F:F6:26:01:7F:D6:D6:1B:2F:75
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Basic
default-src; script-src; style-src; +4 more
default-src 'self'; script-src 'self' 'unsafe-hashes' 'unsafe-eval' 'sha256-y/q4gAHX3ti09JVdEcf+ebIVeBS679lam8tp+ZY6rvE=' 'sha256-MhtPZXr7+LpJUY5qtMutB+qWfQtMaPccfe7QXtCcEYc=' 'sha256-1jAmyYXcRq6zFldLe/GCgIDJBiOONdXjTLgEFMDnDSM=' 'sha256-13AlQYCI1lUfFpJchf4+6xKpe5l5q35faI2w1NMVAxk=' 'sha256-p+s6bIZ/k2r3VJXmIPTZuYNlsKJJj6lrtfcUGUYkxvQ=' 'sha256-0TAc5oxL29Urje6gLw5FNF9sboPEEX6wY0b94tTMC/g=' https://www.google-analytics.com/analytics.js https://js.intercomcdn.com/ https://widget.intercom.io/ https://www.googletagmanager.com/ https://www.gstatic.com https://www.googleapis.com https://www.google.com/recaptcha/ https://www.google.com/recaptcha/api.js https://www.google.com.uy https://apis.google.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src https://fonts.gstatic.com 'self' ; img-src 'self' data: https:; connect-src 'self' https://*.3diq.com https://*.cloudfunctions.net/ https://api.ipapi.com/ https://analytics.google.com/ https://www.google-analytics.com/ https://stats.g.doubleclick.net https://api-iam.intercom.io/ wss://nexus-websocket-a.intercom.io/ https://firestore.googleapis.com https://*.firebaseio.com https://*.googleapis.com https://www.google.com.uy/; frame-src https://td.doubleclick.net/ https://docs.google.com/ https://*.firebaseapp.com https://www.google.com/recaptcha/;
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
cpshr.3diq.com
auth.adacreate.com
adnanben.com
justicelens.ahjim.com
www.ajmannow.com
algorithmeq.com
www.amulent.com
andrewkolarits.com
amfam-cfr.askkodiak.com
athrollu.com
atlyapim.com
aushorsetips.com.au
support.automagicalapps.com
avada.click
www.sports.backwoodmedia.com
www.ballycastle-accommodation.com
hierro.barcelomulet.com
portal.businesses4sale.co.za
stagingold.careerustaad.com
qr.otospector.co.id
docs.color-sensing.com
coltonoconnor.com
app.cullet.me
www.cybintcentre.com
app.doc.ua
dreamteamcinema.com
dso-tavern.eu
wave2appdev.embrlabs.com
event01.app
community-survey.exploredata.app
hissa-tamweeniya.feed.app
fexmembbs.com
mailmgt.folgo.app
auth.forelens.com
gcpawards.com
customers.gearpos.com
www.getsafetycheck.fr
myfootprint.globant.com
dev.nurture.goama.com
www.golfoutfitters.com
gracecleanaz.com
www.gudogames.com
hardly.app
hellojona.com
hernansilva.dev
www.hextrategic.com
s.hotplate.com
ssm.iatelecom.com.mx
netcabs-hub-test1.ingogodev.net
web.inlisty.com
inscist.com
www.joegosselin.com
jslabplay.com
creator.justtempo.com
kiddol.com
komdog.club
koral.ai
liesgame.com
my.livingprint.com
ww.luke-roberts.com
www.mcapp.ch
www.meaf75.com
meister-maler.ch
micktoronto.com
www.minotter.com
mixpix.app
www.mlabelmedia.com
new.movingshortly.com
www.muntha.dev
mvpinfotech.com
usuarios.mybiznez.app
myqrcard.app
networkutility.app
nexgen-apps.com
olis.agency
app.ombrelleria.com
phroob.com
primal-performance.phros.ca
practicalvr.com
propo.fm
myaccount.proxyperk.com
rmstaff.ca
www.santoespiritu.com
securecode.app
shimmrstudios.com
demo-admin.sqdash.app
cloudcomputingbeginner.app.studybuddy.guru
swissgameguides.app
www.sys9.co.jp
apply.tadatada.com
techogma.com
app.teh-connect.com
tooluzi.com
clubdecampo.urbin.app
www.velocitywallsystem.com
www.webgeon.com
simon.whomever.dev
admin.workshop-live.com
cv-dev.yalantis.com
booking-dev.yourtempo.com
Other domains in certificate