Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=applinks.yitechnology.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 24, 2025
Valid Until
February 22, 2026
63 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
63:43:0F:E5:9A:B1:3A:73:B6:DB:84:73:18:88:6A:DB:77:DF:70:FE:C7:C6:72:10:21:3F:F7:15:D7:44:E7:9A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-4R7rN1LMyavWcbH0KQbseg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
ummanuca.um-manu.com
11.jwc.in.th
signature.9lessons.info
share.aafront.org
app.agoodthing.org.uk
amberfog.ru
develop.gustav.appculture.com
links.appframe.at
api.appjusto.com.br
aptie.ai
arthurzbaney.com
www.astitva.site
www.bhavikpathak.com
shakhan.biy.kz
www.bluesteinproperties.com
app.bubblybrain.de
admin.buffup.tv
www.byteregister.com
dev.choy-san.jp
cineflow.ai
dev.links.civik.ca
www.leaftech.co.th
www.cocoplanete.com
cofinds.com
padamrajchataut.com.np
www.corsonandroski.com
tfa.cradle.work
tenders.csdtenders.co.za
danielcampagnoli.com
learn.devteamafterdark.com
play.tango.digitalbluefoam.com
doc-you-care.de
www.docallus.in
atendimento.dropdesk.com.br
echappliancerepair.com
app.encurtalinks.net
app.factorialbiomechanics.com
fansaves.com
www.cacspmec.fin.ec
francistessier.com
sales.gclightinggallery.com
www.goalsrush.live
www.haseeb.no
fxcoin.hashcove.com
www.heyweb.dev
himalayacrackers.com
iczone.it
imbianchino-pisa.it
www.irenepruzan.com
docs.jotterpad.app
www.jujitsuschool.net
www.lakshyaved.org
larismael.org
link.lecointreparis.com
www.magizhangadi.lk
games.mhiebl.com
ishealth-studio.mor.company
www.mwplu.com
photo-kisses.myphotopal.shop
twister.nfc-clothing.app
www.non-standardworld.com
vendor-test.nucor.report
secure.tame.org.za
www.overdrive-finance.ca
pipari.site
pnwboating.app
www.programing-server.de
www.quizzical.io
r3pa.services
raminzamani.com
i.recmnd.app
reembolsa.me
wise.rgateway.it
rogan.dev
automation.semac.app
severus.dev
www.sharpears.de
shopsavvy.app
where.shouldi.guru
future.showroom.app
www.statuspropertyservices.co.za
www.storism.io
andeinerseite.stunning.studio
switcheroo.app
talktourism.eu
guido.tamborindeguy.com.ar
api.tanto.app
book.tanto.app
platform.tawny.ai
tempotiles.com
therathores.com
tidann.dev
www.tom-cat.co.jp
www.topnotchmech.ca
www.troyconsultancy.ie
focus.turnosweb.app
utd.ungbuoubmt.com
urushadze.com
wardbenn.com
applinks.yitechnology.com
Other domains in certificate