Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=restaurants.dev.simpayx.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 31, 2026
Valid Until
May 01, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
33:C3:C1:D0:4A:7A:A7:4F:64:B9:54:A4:CB:1E:BF:6B:F0:D9:6E:E0:6E:7E:20:FB:D5:F7:34:08:DF:C0:6B:67
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.greenclicks.co
123abc.com
lms.actcway.co.uk
adacareklam.com
alabamaddc.com
alhololalthakeya.com
www.alternatives4aging.com
anujandemily.com
ap-chip.com
www.asesoriaalemansanchez.com
alpha-31337.ashesofcreation.com
auth.assured.jp
automazionipassini.it
avocadoxusa.com
awaretips.com
barredsd.com
betterbegreat.com
events.beyondnetworking.ca
track.bigblue.co
bigcreekbarkery.com
admin.bookypets.com
www.canvaslabs.ai
carlsonpe.com
www.cmaibeauty.com
www.cmcgdd.com
gcattendanceapp.cmrl.in
link.otospector.co.id
coachedbygj.com
www.colinlarson.ca
collegedick.com
auth.concertory.com
creatorsmap.com
wowza-orders.crispnow.com
www.csm-vrchlabi.cz
daiauctions.com
www.dailytoolkit.com
app.drivecloud.com.au
drmagesh.com
app.egh-global.com
ellisongames.com
elmizan.com
register.fishfacts.com
fysh.app
globalriskmodelling.com
logos.go-fet.ch
mentoring-sandbox.godonew.com
goldencross.app
auth.greatcompany.com
app.gs360play.com
dev.harc-app.com
hocchi.com
iamyan.com
app.inxout.top
signage.itempire.at
iwazaki-tcm-lab.com
www.jeremywest.io
www.justinireland.com
dev.labelers.ai
lantsea.com
latouros.com
lockdown.memorial
www.lookinapp.io
his.medminutes.io
www.metrocubicoweb.com
michaelglueck.ca
carkhelo.mojocash.in
www.monotone.com
www.mosaicmedia.fi
jkt.mtnpy.id
admin.myfitnessworld.in
myoneai.app
biran-pattern.neko-cheese.app
www.niboli.xyz
www.offenestadt.info
www.parabarshipping.com
sandbox.paulhalleux.be
kontakt.pdr.cloud
prettysnap.xyz
rarefishmarket.art
quote.reachmedia.co.nz
regeneracionoceanos.org
rem.co
app.ricardorover.com
rpds.me
seatingch.art
www.senses.sa
restaurants.dev.simpayx.com
app.sinavrehberim.com
docs.sippy.cloud
www.sultanconstruction.co.uk
field-svhk.tapraise.dev
triarrows-group.com
unifii.ng
visionbeyond-staging.visionbeyond.app
viskum.dk
plattform.vtatch.de
wiatava.live
admin.winhangarra.au
wzvsn.app
xtrea.com
Other domains in certificate