Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=upmann.enra.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 29, 2025
Valid Until
March 29, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1A:17:A4:52:0A:DC:8B:B1:A2:48:39:7D:1C:D3:89:DB:D8:4A:E0:1E:6C:E0:51:FB:27:0F:F9:68:51:52:CE:FE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.codepro.ro
2020selements.com
physiorehab.aeglepro.in
aituring.co
mindshare.appincloud.eu
armat.biz
artalgie.fr
www.augmart.store
www.bebrave.co.jp
afiliados.betaki.bet.br
boyjones.org
brokers-zone.com
wisag.cateringportal.io
core.ccfnq.com.au
send.chaykin.me
clickbrawl.me
www.abigold.co.id
krntech.co.in
sts.ktevotech.co.th
admin.colorribbon.de
www.comunicacidadao.com.br
lachilangueria.corntech.com.mx
ctccollege.co.za
daniyalkhan.dev
auth.novobanco.datafordeals.com
admin-portal.staging.oxford.delcom.nl
emelleblocks.com
upmann.enra.app
eyemasterphotography.com
fenrirs.art
fiveborocleaning.com
www.focusy.me
click2call.garantiaya.com.ar
godlmine.io
www.gremlease.com
courseway.halony.tech
www.haraldnoethen.com
music.homeproduktionen.de
www.hr-check.online
hub.immo
humblerobo.com
hyfen.ch
imaginaru.com
auth.prod-v2.immo-data.fr
www.intermedguia.com
www.itcake.pl
jestnewsletter.com
www.jlarsson.nu
justcard.au
www.kerimyakamercan.com
rules.logicpuzzle.app
www.made.land
cozinhaplanejada.madesa.com
admin.magicpotgames.com
printers.magicqr.io
maticpcc.support
speckledmen.mauricode.co.uk
profile.mesbro.in
sessions.mlight.se
mon-chantier.fr
school.moshiurrahman.online
moutonscajunkitchen.com
msgasol.fun
a.nawy.com
neominal.com
odxpo.com
www.opstek.fi
www.oxygenplanner.com
www.p1mm.org
paragon.sale
app.paso.to
reviewx.patient10x.com
handstack.petecheslock.com
polliceverso.app
www.protectorsofbalance.games
app.realdatingapp.com
raingauge.realfield.ca
rebekahvanderspuy.com
registrdluzniku.info
ripplex.com
sannane.dev
sar3.ch
demo.scheduly.org
shipper-phuquoc.sk-global.biz
dashboard.softplix.com
splitleaves.com
www.stefanolazzari.com
storyme.org
ysa.studentsassociation.net
sukimachi.app
link.sustainaproject.net
teraboxmodapk.website
thymeandwhisk.thediners.in
notifications-demo.trandrew.ca
anfragen.trick17.it
www.trinityds.com.br
cob3.vanna.app
app.engage.chapelstreetchurch.voyagernetz.us
yitnow.app
www.zenloop.me
Other domains in certificate