Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=quickup.octech.dev
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
January 08, 2026
Valid Until
April 08, 2026
75 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4E:0D:4D:19:13:0A:29:A0:FE:24:DB:F1:38:6C:31:48:4A:56:0F:2B:29:A5:F9:49:B6:F7:B3:91:08:04:B3:88
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-S1rgYvAD4uC9O_rbLhhLQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
l.qa.mrd.com
aciincinerator.com
adcitrus.com
aerofield.fr
trivia.afrivators.co.za
www.andrew-app.dev
arenaria.studio
asia-eco-earth.com
hashpros.astralelite.org
besvikel.se
betna.net
painel.biud.com.br
www.camigoapp.com
admin.centbids.com
at.centbids.com
co.centbids.com
de.centbids.com
us.centbids.com
chaldron.app
www.cleanthefiles.com
talireuven.co.il
saadaresidency.co.ke
taichi.creativewaves.me
davarium.com
deschidecompanie.md
dev.ekalsutra.com
koisend.thedaniweb.eu.org
targets.eventhireuk.com
auth.flooreo.com
fotocore.app
www.gethip.ai
collect.gratavid.com
dubaicompany.hasotechnology.com
ai-portal.icare-sys.com
impactpartenairepublic.net
app.issune.com
itsimple-portal.com
auth.jgmnetwork.com
auth.kalinkapp.com
kentgentilezo.com
posbytz.kwapio.com
leadshub.com.br
authb2b.lykdat.com
hr.makeit.buzz
old.saraf.mhaswadkar.com
morganmathien.com
motorswanns.com.br
motorswans.com.br
m.mult.dev
www.nadood.com
nebari-solutions.com
www.nebari-solutions.com
www.nebari.solutions
yoteiball.nekurotech.com
sahakitcolakku.nongja.com
notasys.pl
nourdaily.com
www.numberbubble.com
quickup.octech.dev
web.olajfolt.hu
www.oliverscard.com
www.optafactree.com
orionpermitco.com
peepholeteam.com
pie4game.xyz
piratrack.com
pranjumishra.com
www.pranjumishra.com
rakeshralla.com
sarang153.com
birthday.satyaprateek.com
web.schoolps.com
christmas2020.scorethebusiness.com
www.scryptworxstudios.com
seismopilot.com
www.seismopilot.com
www.simplerulerextension.com
www.sinoai.com
sintergic.ai
embed.sodaphonic.com
attendance.sparinglifestyle.com
www.thafam.in
thelsatlaunchpad.com
admin.ticketbuyer.com
tobegames.com
torcaza.dev
tractopup.com
www.tractopup.com
tradeyai.io
www.tradeyai.io
trykit.biz
tuppl.dev
twosntl.com
pjc-smc.vevent.online
va-matrix.vnlp.ai
webglobalsolusindo.com
wedoitbranding.com
wildenbergwebsites.nl
xn--cesmehalkoltukykama-n5ch.com
fx-snapshot.zensorlab.com
Other domains in certificate