Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.unghosted.co
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 21, 2025
Valid Until
February 19, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D2:48:C7:93:28:5C:D8:6B:39:FD:B1:75:9E:D5:DC:DD:19:6B:FA:8C:7D:25:88:2F:BE:24:9C:D8:A4:47:B0:8F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
hotelsolana.com
10110.dev
aarondovey.com
reservoir-uat.acecap.com
app.dev.affilimate.io
alien-mbti.com
alirtify.com
andrebono.com
asia3ctech.com
australiandebtsolvers.ava-systems.com
nakedfoods.ava-systems.com
www.avenuebarber.ca
x.bedr.me
bellytobabydoula.com
static-gallery.bocist.com
boris-admin.eu
bpmathews.com
www.buildexcellence.co.za
yz.sscoaching.co.kr
account.explicador.co.mz
www.codebox.london
www.glixar.com.ua
cms.simi.com.vn
csbraende.dk
depmapper.com
shplist-s.dev-ltl-xpo.com
devtyde.com
www.djkapil.com
www.drewsdiabetus.com
duarteich.com
www.app.ekkiden.com
agrilelang.elevarm.com
www.elysium-chain.com
emradsinc.com
erkangunaydin.com
www.findeck.de
competitions.fitpuli.com
www.foodieyak.com
gamesfromthegarage.com
grandmasters.io
haarlemjazzandmore.nl
happytraveldreamer.com
henryspickles.com
www.hiringshala.com
borja.hormigos.com
imperiopisos.com
party.inova.si
app.intellitech.cl
txotx.interzonas.info
inthyanvi.com
www.jakeandcatherine.com
kayii.jalzate.com
www.jw-gas.com
kali.pics
dalok.kecskemetibaptista.hu
open.keraprofessional.com
kris-kay.com
spa.home-finder.kziete.cl
revelations.lalchimiste.club
lilbitsofmagic.com
linennest.com
manada-lab-nut.jp
mascrmsolutions.com
matthewgancheff.com
merpnderp.com
gammal.mikjam.se
www.mirown.com
www.mvxperience.com
www.nashod.com
www.ndpropiedades.com
www.nolenoriana.com
nonagoncup.com
pelitawisata.com
web.pjaguar.com
progressiveconsultinginc.com
o.demo.pwnlogs.dev
cookpilot.qint.de
vendor-staging-beta.qlub.cloud
reviewscomein.com
tsat-carga.rgn.io
rideberry.com
admin.test.runmyservice.com
www.seanpautzbio.co.za
www.secwebdev.it
shadokai.com
stegroup.co
www.stickemup2.com
sumitkumarr.com
graphite.syncodec.com
terraminorrights.com
thedal.in
thetechguardians.com
transportebless.com
www.u3dconcepts.com.au
app.unghosted.co
clj.build.ninja.usestrive.com
app.vanecke.nl
admin.winhangarra.com.au
wzteoh.com
zfyconsulting.com
Other domains in certificate