Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=sbstaffingllc.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 27, 2025
Valid Until
March 27, 2026
85 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
19:51:28:D2:5E:1F:CB:B3:13:AB:C1:22:71:F2:F2:D3:C2:92:99:43:9F:75:54:C8:73:AD:E2:08:10:B3:8F:2B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
cms-staging.smartplant.app
tradelite.12traits.com
abdigitalconsultancy.com
games.adiop.com
adityamhatre.com
www.afterhours.app
aghilmort.com
www.amazeyoo.com
anna-sharp.ca
artdiction.in
aseven.org
www.averto.app
axtellcommunitygrocery.com
www.beer-list.app
www.beha.app
app-dev.benjiinvestments.com
www.besttyreservices.com
www.bythewake.com
www.chataize.com
chroniker.co
links.clbrk.com
event.desnackcar.be
ditiem.games
dontileplumbing.com
www.donttelldarlings.com
expenses.druhinh.com
econlinguistics.org
www.elephantaresort.com
encantocolombia.com.co
www.etar.app
findmypath.org
fischereszter.hu
freoza.com
genevieveconnolly.com
hire.get-ikigai.com
app.getdevour.com
gmailbox.app
guestino.com
mintpass.hereaftertheart.com
honeybeecraftz.in
www.hristijanristeski.com
checkout.ialoc.ro
www.kai-lab.com
tools.kjc.dk
lingobridge.app
m2nmij-l-pocket.lixil.co.jp
lumi.page
qa-links.marz.app
mestredojo.net
metartist.in
www.minskblues.com
www.monaccode.com
motostar.at
tree.mseefelder.com
mukhtarzargar.com
novila.my.id
test-admin.myhipai.com
docs.nannode.com
nazd.us
dashboard.docr.nd.gov
mtorchio.net.ar
nomansskychef.com
www.ogh.am
oliblade.com
packright.app
palota.co
peak3.co
nhl.playbook.money
www.playturnal.com
poukar.net
filedrop.premier-pump.app
m.prit.app
plus.qrq.app
app.rampstatus.com
resultcode.nl
www.retardcards.com
www.rumanscaffolding.in
salihfsimsek.com
sbstaffingllc.com
app.scholarship.app
seanmena.com
sivajan.ca
skylex.me
staytruesurf.co
studiokad.fr
www.tagatakia.com
thestudyholics.com
timberhutpm.com
timelogger.biz
partners.trucksters.io
staging-masoncounty.trueomni.com
visual-graph.online
vitalvend.app
www.vladbasin.info
vunzagroup.co.za
www.whatireallywant.app
wickedcampers.co.uk
worldclockmeetingplanner.com
auth.yousuite.app
zuppero.com
Other domains in certificate