Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=doc-dev.ampup.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 11, 2025
Valid Until
January 09, 2026
49 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
19:1C:B3:6F:0D:D7:7F:8B:B4:CE:BE:69:5D:30:0E:DE:FD:D6:DC:25:66:73:22:D3:E4:5E:5B:02:3A:CA:B5:68
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
docs.propps.com
witness.123abc.com
www.aeltumn.com
www.aidninja.org
amberandstephen.info
doc-dev.ampup.io
em.andelicorporation.com
www.andelicorporation.com
iqacportal.anjaconline.org
apartment-nice.com
trackit.appflair.dev
judge.associationawards.ie
baileyaudio.co.uk
bardolph.co
berizzy.com
betty.social
www.bri-kuk.com
developer.bridgefy.me
www.briskine.com
www.clevertravelsolutions.com
udaan.roadcast.co.in
congaree.film
sponsor.constructionawards.ie
david-and-hana.com
judge.diversityinbusinessawards.ie
www.elbashah.me
link.emanate.live
enlacestreguz.com.mx
www.erikedit.nl
auth.evfy.sg
fcokicktipp.de
felixprinz.de
www.findpet.com.mx
finnsmarthotels.eu
x4567df.fooddisco.co.uk
www.freebiest.de
deeplinking.gainsightapp.net
radio-dev.gera.fan
zamon.honigwachs.de
auth.improvee.io
moveapp.indicold.in
swan-traveller-test3.ingogodev.net
jwelus.com
www.jyothish-ram.me
k-burkhardt.dev
room.kidskey.org
www.kinoagricola.fi
image-moderation.koode.nl
python.lectorio.cz
judge.lifesciencesawards.ie
welcome.localytics.co
maispindai.com.br
coordinator.meawards.ie
entrant.meawards.ie
liverpool-quiz.mymoons.mx
cnize-fb.nicolas-scheidler.com
www.oliverdavies.me
oraclog.com
www.batistamissionario.org.br
pascaldauer.de
www.pensioenbijdeargumentenfabriek.nl
coordinator.pharmaawards.ie
judge.pharmaawards.ie
picluna.com
bestellen.pizzeriaresan.de
auth.plotdruck24.de
deposit.acc.rallygo.eu
p78.recruiting-solutions.org
www.retr.ca
customer.rxoconnectdev.rxo.com
sandbournecare.co.uk
sandbox.app.satsy.com
mix-bee.saurabhagat.me
www.sayhello.cash
scudoimoveis.com.br
semestamedia.id
senormexico.com.au
sintecdaily.ru
www.slickwine.uk
dashboard.staging.snowmonkies.com
spacemq.com
alcmeon.speakylink.com
raf.sportingfy.com
flashfrenzyshadmin.sqwadhq.com
music.stackdeveloper.in
stidax.com
tapdive.com
tijdeman.dev
cool.unboared.com
ai-interviews.unstop.com
supertrader.vambuu.com
www.verauberti.com
vrco.site
whatauto.app
blog.wissam.ru
dev1.wittlab.kr
coordinator.womeninpharmaawards.ie
auth.dev.woopen.com
your2095.com
frida.zpmmoste.net
Other domains in certificate