Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=bitum-app.oz-tms.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 25, 2025
Valid Until
March 25, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5E:66:71:41:59:F2:80:C3:15:03:F8:2A:2A:8A:B8:DA:00:82:BB:EF:1A:C8:77:EF:CB:56:66:3B:DE:B7:E2:02
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.matchdaydigital.com
firebase.100500games.com
demo1.app2.1on1navi.com
360.fertili.com.br
actionable-eval.com
www.andamp.tech
ansel.photo
anupbhandari.com
superceo-app.apptile.io
atadaboard.com
aviation.tools
bankwakacji.pl
app.bizilla.io
admin.bluechew.com
bootspruefung24.ch
brainwavelogics.com
www.call-a-colleague.eu
cereal-whisky.com
china-elephant.li
www.clarx.dev
cleverle.app
feedback.cloudphysician.net
service.cmc-deutschland.com
www.crafteria.co.kr
codeschoolusa.com
guests.coffeedevelop.com.mx
monie.com.mt
comeacasavacanze.it
www.condomini.io
www.cox.nl
cvcprs.com
davidamante.com
dbucher.cz
digma.io
www.edmik.in
entregali.com.br
login.pai.febrafar.com.br
archivio.fianoromano.org
firebase.fianoromano.org
finding.email
fogashram.site
globalchances.de
www.gracetory.com
kilmore-staging.gue-be.be
icemta.org
dev.igld.in
www.itmr-dev.de
jumaceto.com
anmeldung.jura-freiburg.eu
www.left-over.eu
mibm.lk
mmtrue.in
movitwellness.com
mylentor.life
neelus.needleandstitch.ca
nextgenservice.in
dev.o-gx.jp
oliveexports.in
admin.onewaydroptaxie.com
btob.open-order.fr
openapplock.com
bitum-app.oz-tms.com
www.prima.golf
bestellen.profarm.be
professor247.vip
www.quickhuddle.app
sbstransit-test.quicta.io
map.rf.live
qprfc.scouthub.app
www.sebastianunda.com
marketing-science.signitiva.com
www.marketing-science.signitiva.com
www.skills.io
doc.monitoring.softdb.com
www.speedstar.live
www.spheon.xyz
summitdrywall.pro
sunnxt.site
surreymn.com
graduaciondayanacastro.swanmoments.net
www.swhag.co
www.talent-alpha.io
thetaniasblog.taniamalfoy.com
maai-app-manager-cooperatie-gastvrije-randmeren.techmaps.nl
tiddle.us
stg.trange.app
www.tucasaconstrucciones.com
www.turtledoveinvestments.ng
www.twentyonest.in
uniqhr.com
www.uniqhr.com
uuhuu.net
vendor0.com
home.videoxhub.top
vintario.mx
www.virtualhousie.in
app.wordexcelmerge.com
isthecoffeeready.yandlapps.com
app.yoganaya.com.br
zsocial.zagrostech.com.br
Other domains in certificate