Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=innovaocean.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 04, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C0:9F:64:C2:72:8A:E7:6C:50:11:09:5D:27:4C:A0:41:B6:4F:0A:F6:AA:10:8D:BE:DB:F1:FC:DA:6D:50:5B:70
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
goliza.com.br
zynga.12traits.com
25rs-games-fb.180app.com
2nd-media.com
aclemens.de
www.alphinetextile.com
www.atalas.net
augmentedally.com
doc.b-st.jp
www.bahawalpuritv.com
www.bankerwealth.com
www.book360.us
aplicativos.br.com.br
bestellen.brchaus-nettetal.de
www.brewbricks.com
www.britta-meinke.de
www.clearcut.tech
www.countdowntothedate.com
app.creahsalud.org
www.crowdegic.com
www.cynchsec.com
dev.dena-bc.com
auth.app-qa.dipseastories.com
demo-consumer.divit.dev
tables.doodlelearning.com
drivetheorystudios.com
mta-sts.elights.co.uk
enteffeofficial.com
admin.fictioneers.co.uk
app-dev.getlittlebirdie.com
app.getlittlebirdie.com
portal.test.ghostline.xyz
www.giraffeql.com
www.globalcredit.ua
beer.gobeep.me
www.goodmarketing99.com
greekwater.gr
havakalite.si
store.honestgreens.asia
innovaocean.com
wbi.jairukchan.com
slack.jeffreylee.dev
www.jet-hr.com
www.jiujitsuteam.com
cnametest.joaoptrindade.com
www.joseinvernon.com
link.unstable.justpay.io
photo.kangwenn.com
gbvs.keeponrock.in
coffee.kiedrowski.ca
project.kroenger.org
kyonlube.com
lecoursville.com
lemoninspace.com
lettergenai.com
libra-asistencia-vial.com
mazidul.com
admin.mepcad.com
join.midfinvest.com
www.admision.minddo.com
auth.moonbridge.xyz
mvpvolve.com
component-library-dev.mytechnis.com
navneetgulati.com
nefzi.com
career.notnot.se
wh.oktarkari.com
www.oneoceanseafood.com
admin.bursimax.optimasysdev.com
checkin.hypenation.optimasysdev.com
dashboard.ostobuddy.com
tracking.packaly.com
demo.pbj.live
playfox.ca
point-draw.com
www.qiyfoundation.org
app.radikalplayers.com
rapidx.bio
auth.realosakaestate.jp
reemtaye.com
facts.sathishwebdev.com
secamalote.com.ar
www.simpleretro.xyz
snaparoo.com.au
wingstrivia.sqwadhq.com
start-hub.ca
stingcapital.no
www.dealer.stockwall.in
www.tenfactorgrowth.com
texthear.com
www.thatisusama.com
thebluecave.com
www.thili.ai
www.tonyzog.com
vergelaw.fi
villocan.com
ltest.vngecn.com
wasat.cc
www.wizpanda.com
wordzmania.com
Other domains in certificate