Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=smile.samschmitt.net
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 24, 2025
Valid Until
January 23, 2026
61 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
99:27:47:55:F7:54:E0:2C:F2:CA:3A:6A:D7:26:E6:EF:4C:23:E1:23:1F:55:00:0E:3E:70:37:D9:1E:05:84:75
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
citizenfinder.info
1nspirationdigital.com
www.30seclearn.com
acaciateam.com
akebono-discoveries.com
staging.admin.allefolders.nl
andaraseguros.com
www.askinnovations.net
bib-pfizer-25.axon.es
www.balulajka.hu
jeu.baristacafe.nc
amz.bioschwartzoffer.com
app.brainjo.de
crypto.brian-poole.com
www.brightserve.org
digifypro.bytekast.io
ccarroll.dev
resourcecenter.circadence.com
cleanjson.com
insiders.clearpathpaper.com
www.climateactionnarbs.org
online.suds.com.ph
www.crgruas.com
cultofmartians.com
cyvali.com
danatbazar.com
www.dayj.io
developdenver.tech
cc.devmaycry.com
digitalsoulution.com
dikson.com.co
www.dmdmusic.org
www.drdps.in
u.dropxlogistics.com
www.imaginate.edu.sv
bingo.eni-eni.com
mobility-map.entur.org
eventa.id
frbs.feelsart.ai
dynamicprodapp.film1.nl
fitrelated.com
portal.forexlens.com
geo-notes.com
gonalara.com
staging.granica.io
hiverecipes.com
homekids.com.ar
www.ideotipo.org
www.iotbay.in
jacobburnstein.com
jilatnihya.pro
jitic.nl
jwvdh.nl
kccameroon.com
keenuts.net
keeth.me
www.kevin-haustein.de
kimbabcheonguk.ca
colostate.app.konch.ai
www.kreativepeeps.com
kuwais.sa
app.ladybidwell.com
guidestaging.lithodomos.com
teresa.macri.ai
www.mandlowitztraining.com
www.maskot.io
mazurekstudio.com
www.micuentodigital.es
mugibaku.com
mummoku.com
plixelmud.apps.mutecolossus.com
www.mythrill.app
apollo.n42.company
www.apollo.n42.company
unitforms.nedair.nl
app.dowell.net.ar
nuvolt.io
www.leo.org.in
originof.live
costco.parkalot.io
rc.petleo.app
poached.tv
edu21-beta2.prontosolucoes.com.br
www.redpumpkin.hu
www.regionsoilandgas.com
rer-a.fr
www.rgb.au
smile.samschmitt.net
www.seller-systems.com
situationcd.com
www.spoton-education.in
streamclub.app
l.suerte.studio
www.szerepcsere.com
teaminglis.ca
texnique.xyz
jolanda.tielens-aarts.nl
dashboard.timetri.app
demo1.ultof.com
certz.zac.ac
Other domains in certificate