Open
Cached
·
just now
82/100
SECURITY SCORE
Certificate Information
Subject
CN=uni-tv.com.ar
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
35 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DB:5A:63:58:03:4D:61:7E:50:ED:A4:4A:CD:2F:03:B2:18:29:00:B1:9C:CC:E7:B6:59:03:D7:55:7E:2A:DA:40
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Good
default-src; font-src; script-src; +9 more
default-src 'self'; font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com https://ka-p.fontawesome.com; script-src 'self' blob: https://uploadcare.com https://ucarecdn.com https://www.gstatic.com https://www.googleapis.com; script-src-elem 'self' https://kit.fontawesome.com https://*.firebasedatabase.app https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'sha256-gPjlli1HEdLlR0AZTY971/wQVOdSkl9mEinLnxrPpJw='; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://uploadcare.com https://ucarecdn.com; img-src 'self' data: blob: https://test.pensioenbij.nl https://prod.pensioenbij.nl https://pensioenbij.spservices.nl/ https://ucarecdn.com https://uploadcare.com https://assets.rekenmotor.nl https://firebasestorage.googleapis.com https://ssl.gstatic.com https://i.vimeocdn.com https://arclight.vimeo.com https://storage.googleapis.com https://europe-west1-pensioenbij-dev.cloudfunctions.net https://europe-west1-pensioenbij.cloudfunctions.net https://us-central1-soderberg-1c9f2.cloudfunctions.net; media-src 'self' blob:; connect-src 'self' ws: wss://*.firebasedatabase.app https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://*.firebaseio.com https://*.firebasedatabase.app https://firebasestorage.googleapis.com https://securetoken.googleapis.com https://identitytoolkit.googleapis.com https://www.googleapis.com https://api.rollbar.com https://uploadcare.com https://tlm.uploadcare.com https://ucarecdn.com https://upload.uploadcare.com https://ka-p.fontawesome.com https://europe-west1-pensioenbij.cloudfunctions.net https://europe-west1-pensioenbij-dev.cloudfunctions.net https://us-central1-soderberg-1c9f2.cloudfunctions.net https://api.openai.com https://pensioenbij-ai-service-514856867067.europe-west1.run.app https://pensioenbij-ai-service-589834615070.europe-west1.run.app https://pensioenbij-ai-service-732631674536.europe-west1.run.app; frame-ancestors 'self'; frame-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://uploadcare.com https://ucarecdn.com https://*.firebasedatabase.app https://player.vimeo.com https://www.quizbij.nl https://test.quizbij.nl https://www.pensioenfeestje.nl; object-src 'none'; base-uri 'self';
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Strengthen CSP by removing 'unsafe-eval'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
oog.felixxgroep.nl
auth.3dreact.com
www.accompanyu.com
aistoryhub.co
partner.aseguratufactura.es
athmons.com
avantcore.co
www.aviancehairnailsalon.com
cms.bluehorntek.com
bonesoffers.com
www.brooksupholstery.com
www.candowebapps.com
cfcalhambra.org
www.ciaranstudio.com
warner-staging-api.closedcaptionconverter.com
muswell.com.tw
davestheworst.com
www.deanworld.net
demolering.tech
www.digiclaims.it
domzastare-klisaric.rs
sundial.dotnetideas.com
gde.dpdgroup.co.uk
www.earsounds.org
ekinsogut.com
www.elkepowell.com
enlitenide.se
account.esch2022.lu
app.evelstar.com
fpg.214.li
status.freshii.com
deals.fultongrace.com
globify.mx
www.gnosis.com.ar
gomydefi.fr
goquickbox.com
www.harrisonwren.com
scpd.hbe.io
pf.healthspaces.io
hijamasister.com
www.hr24.ma
beta.iamvery.ooo
indiantechnicalinstitute.indiandevelopers.org
vlast.io.vn
itharo.com
jeffwu.me
mbti2.jiin.love
jjm.ai
kcloftinterior.com
keshavmathur.com
kick-off.app
www.kiesjekerst.online
admin.kiss.capital
burger-builder.kofipoku.com
komunitix.com
malikahmedjaved.com
mattm.tech
qa.minterverse.com
movimientosteam.link
download.mypandaapp.com
hub.nameless-stud.io
narciscristea.com
www.neum.kr
noirspeak.com
docs.ocuplan.co.uk
ogerzklan.com
onisa.co.za
www.pasci.li
www.schwabmuenchen.pho3.de
www.pickabook.app
pixo.pk
staging.plutomap.com
status.printarescu.ro
proteussecurity.com
www.qianqianart.org
quizbandiere.it
app.quizbound.io
www.rainfield.kr
dev.rawfigures.com
base.re2fe.com
batch4.restoplus.co
aaa.rxcx.au
appv1.searchviu.com
segoviadev.online
and-the-winner-is.sensacine.com
experience.shadowofwar.com
routing-map.staging.skipr.ninja
www.sktechnologies.ltd
southasianshopping.ca
office2-staging.sovoro.kr
thebluedino.com
thekalancollective.co.za
www.timeok.app
timilehin.me
auth.tixgo.hu
uni-tv.com.ar
app.uppy.jp
eu.operations.public.uveye.online
m.wickedcampers.ca
dmp.wowdesk.jp
Other domains in certificate