Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.mgimthink-tank.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 03, 2025
Valid Until
February 01, 2026
76 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BD:88:D1:8E:6B:02:75:70:8A:B5:AD:DB:65:B8:1B:24:0A:35:D7:F9:AB:BD:8C:0A:AA:25:CE:B9:84:6A:99:0E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
globtech.co.mz
jjokji.64bit.kr
www.amazeenglish.com
amazuno.com
balajimanikandan.com
befrank.in
www.befrank.in
biehler.co.uk
white-label.booster.id
mygym.carlopezzotti.ch
cbvsonline.in
www.cbvsonline.in
avisoftlab.co.in
www.sf.co.ke
www.coffeezinho.com.br
www.kaganyaylaa.com.tr
www.comunemed.com
cqs.lat
www.cqs.lat
qualidade.dadosic.site
transformers.dadosic.site
www.eratechlabs.com
www.exceededa.com
map-uploader.fieldmargin.com
www.freelancery.org
app.freemi.co.za
www.gachemicalsrls.com
gamerlinks.org
www.gh-immobilien.com
www.gllowbe.com
globaltech1.com
happybezd0gannaday.store
auth.homelinkrwanda.com
hotrespect.com
202400029nnta.id.vn
ducpdm2400038.id.vn
app.iklo.io
pastel-violet.ilmsg.in.th
intext.site
fecc.introverted.social
www.irthael.com
www.jrfitnessequipment.com
www.junocare.com.mx
jutaku-loan-sim.jutakuloan-muryousoudan.com
www.mcalbyrne.com
www.mgimthink-tank.com
miloslab.dev
www.monicasarinfoundation.com
www.neonaturalism.life
mandates.neutralfuels.com
www.nicesecurite.fr
stg.omfin.co.za
www.onespot.co
onlyexif.com
www.onlyexif.com
my.optifit.app
links.ouul.kr
verify.ownbase.org
www.payteq.com
pirkansahkourakointi.fi
www.pirkansahkourakointi.fi
ratp.pixecurity.com
pixly.cc
admin.proveritas.app
manager.proveritas.app
tenant.proveritas.app
pskybusinessschool.com
www.psuoy.fi
ragabothman.com
www.ragabothman.com
rentvisie.bookings.ratality.com
www.riverhousetechnologies.com
www.sciack.it
teledrome.sdfdev.com
api-docs.share-enterprise.nl
shrutirajvanshi.com
www.shrutirajvanshi.com
app.skytee.fr
superadmin.smartpol.it
www.streamyourlivescore.com
tpnrp.thientd.dev
quiz.think41.ai
ohana-vitality.timp.io
auth.toolplex.ai
tselev.net
auth.ultichat.ai
portfolio.usama.ai
pseudo.usama.ai
usama.ai
www.usama.ai
portal.veragor.kz
vitolero.com
www.vitolero.com
vkspartak.rs
www.watt4cast.si
webbea.qa
www.2213.live
blog.y-yagi.tech
www.zubasalon.in
zubasalon.in
Other domains in certificate