Open
Cached
·
just now
89/100
SECURITY SCORE
Certificate Information
Subject
CN=www.smdia.in
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 17, 2025
Valid Until
February 16, 2026
73 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4D:AF:4A:33:01:7E:44:35:39:D6:F4:98:A9:63:88:73:A7:BA:30:18:64:87:87:A1:44:52:A3:CC:36:E9:D8:86
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
Basic
default-src; base-uri; object-src; +11 more
default-src 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'self'; form-action 'self'; img-src 'self' data: blob: https:; media-src 'self' https: blob:; font-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' https://www.gstatic.com https://www.google.com https://apis.google.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://cdn.sheetjs.com; script-src-elem 'self' 'unsafe-inline' 'wasm-unsafe-eval' https://www.gstatic.com https://www.google.com https://apis.google.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://cdn.sheetjs.com; connect-src 'self' https://identitytoolkit.googleapis.com https://securetoken.googleapis.com https://www.googleapis.com https://*.googleapis.com https://firestore.googleapis.com https://*.firebaseio.com https://firebasestorage.googleapis.com https://storage.googleapis.com https://www.gstatic.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://cdn.sheetjs.com; frame-src 'self' https://acceso-recursos-uteq.firebaseapp.com https://fcienlinea.web.app https://fcienlinea.firebaseapp.com https://fcienlinea.uteq.edu.ec https://accounts.google.com https://apis.google.com https://drive.google.com https://docs.google.com https://*.googleusercontent.com https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://fci.uteq.edu.ec/ https://www.youtube.com https://youtube.com https://youtu.be https://*.youtube.com https://www.canva.com https://canva.com; worker-src 'self' blob:
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer
Permissions-Policy
Present
geolocation=(), microphone=(), camera=(), browsing-topics=(), attribution-reporting=()
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
fci.uteq.edu.ec
4youlavanderias.com
fdportal.advanced-compliance.com
develop.app.aeru.party
aienergyleaders.com
deeplink.ann-zdrowie.pl
qualitychamp.apxor.com
www.aroundtheworldzy.com
www.arquests.lv
asmar.work
auva.uk
www.benderio.com
blackmird.nl
blacksite.email
innovasur.bracelit.es
carehubbilling.com
portal.carmichaelphotovideo.com
hml.meu.clozzy.com.br
testconsent.ktc.co.th
admin.goldpot.distinctmedia.co.zw
www.armoire.com.uy
courssat.com
quiz.rnd.customertimes.com
virtual.cyngo.net
cynospace.com
www.dc-developpement.fr
www.ddld.mx
dobrymebel.com
www.e-present.ru
fabriciogomez.com
fauqi.dev
www.fauqi.dev
aisharing.frontline.rocks
website-dev.getvitalloop.com
www.goldenworld.group
safeguard.holisticai.com
hoteldonjulios.com
hs-fc.com
hscenc.com
hunabdev.com
lehuunhan1208.id.vn
www.iepsource.com
account.investably.io
www.ionicasource.com
tst.itrendfast.com
admin.jeeblynow.com
jerrysucode.com
www.jghomeimprovementrepair.com
www.jmkt.digital
juzbox.com
www.klaipeda-rk.lt
www.little-mastermind.com
app.makeit.buzz
no.mojoule.com
www.mokin.nl
www.moleculesoflife.cz
nissi.app
nofutur3.com
nomadsgame.com
www.novonext.hu
nvrkr.com
oaarquitectos.com
www.onst.cl
www.owengreenaway.com
app.padelchamp.app
app.pawfav.ai
app.iapser.photofied.tech
macq.planning.domains
anchor.poojabhaumik.com
qa.procliq.com
www.psynormic.com
invite.rappidtech.com
app.rentalios.com
repairtherapynevada.com
signin.dev.nova.labs.rle.de
roshnishivtravels.com
my-appartment.roskvartal.ru
rotaxengineering.com
mensd3.rowanhockey.com
reviews.rynx.com.au
shirtdrop.co
www.silgam.app
www.smdia.in
reviews.sovae.de
app.sozy.tw
demo.chat.srs-x.net
statesborowarhammerclub.com
webmd.labs.darkside.summersummary.com
webmd.labs.kari.summersummary.com
technomata.com
app.thunknotes.com
open.trendly.app
tuzi.kr
fiesc.insights.umanni.com.br
l.url.hr
vibetribeapp.xyz
www.vijaychandar.com
wappotix.com
wojas-bazgrolety.pl
www.workflowdigital.bg
Other domains in certificate