Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.upneticads.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 20, 2025
Valid Until
January 18, 2026
72 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F2:66:E2:D5:0D:24:19:DA:99:0D:C4:8D:6E:1D:6C:B8:A5:10:6D:3B:D8:C0:ED:95:00:05:9F:69:DF:3E:05:B4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
gaadi2go.com
algorick.com
www.babatechnologies.org
bannerdaythreads.com
www.bap.mx
batistamissionario.com.br
blackreconstructionasaportal.org
bleakfit.pk
caesuramedia.net
australia.catfinder.org
www.chaudhari.info
cidade.ai
clear-sky.ca
dsr.stulzindia.co.in
lompoc.column.us
www.consensus-labs.com
test.craftboard.com
crossroadsranchanddaycare.com
cynxt.org
beta.dansmat.com
www.digitalfalse.ai
districtshows.com
dreamcatcher.fun
cdn.easygolf.vn
properties.ecosystem.co.uk
abbotthmc.edu.pk
eggriceadda.com
oktomark.einsen-und-nullen.net
cloud-notify.ellisn.com
enqudo.com
www.expensesmanager.in
www.foveate.com
developer.fundwave.app
admin.gen11project.com
www.geracao.dev
doc.ghs.fr
gioartbomboniere.it
s.glampinghub.com
www.preview.greco.fit
auth.groupspot.app
hardcapp.com
hayesheating.ca
hdevalence.ca
testdoctor13579.healcard.com
staging.hoasaptenote.com
homeofsocks-b2b.de
open.hourlyjournal.com
auth.hqama.com
ice-ice.no
card.ihkk.net
www.ilivou.com
ubicatumesa.ine.mx
legacy.invita.gmbh
jamesgilbertcarpentry.co.uk
bojo-covo.jjgray.me
www.jointrusty.com
jplaws.app
www.jussipolkki.com
reilu-staging.kiinto.io
theme.kor-ui.com
kraphx.com
krea.page
www.lambhealthdpc.com
portal.beta.lode.one
app.mavieenlivre.com
m.mazdadegranby.com
leus.medewerkerstatus.eu
asif.medicalinventory.in
viewer.medipics.net
mellowj-h5.mellowj.com
www.minted.wtf
moksha-technologies.com
mtd678.online
natyoungartist.co.uk
www.nerddaselva.com.br
nordicmachinery.app
www.nosproductions.com
nuck.app
orba.top
link.pathao.com
www.poached.tv
app.poweredbypolymer.com
www.psgimpex.com
www.putrinaqibah.com
partner.platform.quiron.digital
cosmodealer.redifyn.in
rml-survey-wrscale.reflection-method.com
reivaxcorp.com
www.rentops.es
ocupacion3.rflex.io
runpython.dev
sjcdata.org
smartshoppinglist.app
spacepancakestudio.com
www.stevenandfreyafisher.com
jupiter.taisho-lab.com
icycrunch.talim-platform.com
learningparuay.unileveractivity.com
app.upneticads.com
wardeh-tech.com
Other domains in certificate