Open
Cached
·
just now
91/100
SECURITY SCORE
Certificate Information
Subject
CN=initiative.roadcast.in
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 04, 2026
41 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
35:09:38:0F:B7:BE:1F:72:27:B7:8A:B1:6E:10:41:B3:57:D4:B6:12:40:CD:12:FE:B9:C2:80:BB:A9:7B:F8:DC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Good
frame-ancestors; base-uri; report-uri; +10 more
frame-ancestors 'none'; base-uri 'none'; report-uri https://ofbf.report-uri.com/r/d/csp/enforce; default-src 'none'; manifest-src 'self'; frame-src 'self' https://www.youtube.com https://www.google.com/recaptcha/; font-src 'self'; style-src 'self' blob: 'unsafe-inline'; form-action 'self' https://step-up-for-membership.appspot.com https://www.facebook.com/tr; connect-src 'self' https://step-up-for-membership.appspot.com https://www.google-analytics.com/collect; script-src 'self' https://www.google-analytics.com/analytics.js https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/547477105435232 https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'sha256-0CcdOdSomIKjIJdNX7EWt9P4hieBozWSUQdbV1BtzQA=' https://tag.marinsm.com/serve/5a301bede10cdebef900007f.js https://pixel-geo.prfct.co/tagjs https://cdn.polyfill.io/v2/polyfill.min.js; img-src 'self' data: https://www.google-analytics.com/collect https://www.facebook.com https://pixel-geo.prfct.co https://connect.facebook.net https://ib.adnxs.com https://cs.marinsm.com https://analytics.twitter.com https://p.univide.com https://us-u.openx.net https://ads.yahoo.com https://cm.g.doubleclick.net https://image2.pubmatic.com https://pixel.rubiconproject.com https://pixel.prfct.co https://cw.addthis.com https://secure.adnxs.com/; object-src 'self';
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Strengthen CSP by removing 'unsafe-eval'
- • Add X-Content-Type-Options: nosniff
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
digicert.com
; cansignhttpexchanges=yes
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
ssl.com
comodoca.com
Wildcard CAs
comodoca.com
digicert.com
; cansignhttpexchanges=yes
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
ssl.com
Incident Reporting
mailto:[email protected]
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 5 CAs - consider limiting to only the CAs you actively use
Subject Alternative Names
100 domains
www.stepupformembership.org
app.aiapinerolo.it
www.altitude-bi.com
www.apolyta.com
ilosttime.appatlab.com
artelocal.eu
www.bidmytires.com
bundle.blurb.fm
pensioenbij.boostgroup.nl
www.bradycarey.com
report.cyberfishing.bycopilot.com
siuh.careinstructions.net
aura.unip.com.bo
develop.community.money
www.coyanservices.online
sofus.curlaid.net
datallurgy.com
anfrage.datenrettung-frankfurt.net
gameframestaging.dev-crazygames.be
energiasonora.xyz
connect.dev.evertransit.com
everydayxray.com
pro.farfel.cx
www.ferolmo.com
home.fitzyy.com
gabbyasuncion.com
www.gabicortes.com
gamebreaker.ai
geteco.app
app.ggcity.org
portaal.gonectar.nl
www.gorillasports.at
gskkumar.online
hashiban.nl
www.heidi.ro
www.heisenbergscomedystop.com
www.honeycombtech.org
supermercado46.hrtech.com.br
welcome.icibot.com
collectionofmaths.indiandevelopers.org
link.jeanninmaintenance.fr
imgcap.jingjietan.com
www.joonasnuutinen.fi
www.jowall.kr
jpetrzilka.eu
ksda.tw
app-dev.le.mu
dev.leasera.com
testdomain-dev.lfv.jp
www.liberty-tips6.com
mannan.is
mathblaster.us
www.mdln.fan
blob.play.medeintegra.app
www.microwavemanifesto.com
www.mitwire.com
motiondesignelements.com
offerwall.mychips.io
admin.myfinancialadvisor.com.au
myta.la
www.newsreports.in
www.niba1122.jp
ksh.nilsbenz.ch
app-vitalii.novaltrade.com
pame.cy
www.panian.net
3dviewer.peartech.in
pg-advertisement.com
play2x.be
www.proangular.com
projectbluff.com
projectcelis.com
www.projectstanley.com
stage.psybitcoin.com
www.qdup.com
tienda.quqo.com
www.rainart.app
panel.vanilla.rephrase.ai
resolvi.cloud
roaak.com
initiative.roadcast.in
sakewave.com
skillism.com
skyquestlabs.com
smdc.sleip.com
smileyisland.com
www.app.soco.market
solcitosaludmental.com
spacerocks.live
speelwhocares.nl
pro.sportip.ai
fastai.themobitech.com
www.thinkvote.io
tomwedgeimages.co.uk
trebolsonorense.com
www.unbroken.digital
cliente-dev.viacertabanking.com.br
sp.vinid.net
www.waterstone.app
links.waveshine.com
Other domains in certificate