Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=auth.unicornaxe.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
52 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E8:9C:63:42:E1:49:ED:43:99:EF:03:D6:3A:97:91:BF:D7:4B:88:BF:12:84:9D:EE:1C:88:F9:93:99:F4:8B:88
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
sara.zarin.solutions
1there.com
www.555labs.com
75rev.com
aana.app
ankasaloans.com
us.archive.ansonng.com
arusoil.com
asiankatha.com
astraeusclarke.com
links.attractionpass.com
ticket.avenuecareers.com
balloon-chaser.com
befinch.com
www.betyfurniture.com
3d.bhargavnaidu.com
medhas.bitmenders.in
blulify.com
boobybirds.com
brianallemeier.com
admin.claroimages.com
www.cliniquelouispasteur.bj
clintonwalsh.com
www.askloans.co.in
recipemaker.coachforlife.in
colabatlantic.com
m.fgt.com.tw
strafe.ctksystem.com
stag.for.dinii.jp
app-staging.dmeflow.ai
www.donchimino.com
doraco-ent.com
www.dreamlin.info
driston.com
dsmx.ca
educare-tutoring.com
elpwifi.net
www.enriquechacon.com
www.epiphi.com
fausrguez.com
app.figureex.com
relocation.fitnessdoctor.com.au
www.franklfranco.com
gcampax.com
harmonograph.geckour.com
admin-dev.getposa.com
hofb.app
links.hyperice.com
igia.se
intoxical.app
io-music.io
www.irisband.co.uk
www.jakea.io
www.kairos-ia.com
kumikaze.jp
www.legendoj1.xyz
api.dapay.linkeddots.com
staging-freizeit-app.main-echo.de
www.malikawawer.com
mark-inc.net
www.maryrmonsted.com
www.noel.myworkportal.ie
nithinmerugu.com
noahtaylor.ca
admin.fpf.orchestra4edu.com
talks.otavioalves.com
otticavaldera.it
www.parentpayback.com
www.picurbrain.co.uk
prajawealth.com
bonusly.productsignals.com
ptitgame.com
pubcheck.org
asoregan-admin.pujasweb.co
www.quetza.com
rakete-catering.de
www.recipeswild.com
app.rs2.remotesocial.app
app.rliable.com
luzdelsur.robles.ai
rubk.app
widget-dev.runllm.com
shop.sat1.de
senthurvelavangroups.com
app-qa.setu.care
skinfinity.info
stage23.ca
www.starcatelectrics.com
www.stinkysox.com
www.surreal.photos
www.suryacarwash.com
app.tagoexpress.com
tokenholder.net
auth.unicornaxe.com
unitconverters.info
va.casa
windsapp.com
wiseprogramuninstaller.com
console.wotzon.wlloyalty.net
www.yayshop.io
Other domains in certificate