Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.smmi.org.ma
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 28, 2025
Valid Until
January 26, 2026
72 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
34:30:72:2F:2C:98:06:EF:17:BC:27:E0:78:45:3A:AC:37:3E:FC:E1:89:54:C1:65:DD:5E:C3:81:F8:49:13:77
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
helsinkidigitalhub.com
mythical.12traits.com
dashboard.payments.4geeks.io
ajsaraj.shop
akhet.tech
www.architecturewithnico.com
assisto.co.za
autoclaimpro.com
gamesadmin-jpj-prod.bagelcode.com
www.bitdeliverysk.com
www.cfhl.com
stickers.chino.cafe
confirm.clientdiary.com
domotic-control.com.ec
senti.com.ph
app.altoke.com.uy
www.daviddevilliers.com
dev.carehomes.daysix.co
divyangmistry.com
link.doconation.com
firebase.domobile.com
dragonx.cloud
explorer.aero
www.fab946.info
familydent.clinic
fantasyfootballplayoffpool.com
flywheel-dispatch-driver-test1.us1.fleet-dev.com
flywheel-dispatch-operator-test1.us1.fleet-dev.com
flywheel-dispatch-traveller-test1.us1.fleet-dev.com
flower-park.com
wavefront2.givemagic.co
auth.goguzi.com
goldenwesthours.com
budget.heartland.edu
www.helderesteves.com
himanshuaggarwal.com
devs.hispanossoluciones.com
www.imrenkasap.com
app.instahap.com
gmm.inter.mx
jishan.online
kwikdevs.com
lemonadeart.com
www.letspondr.com
dashboard.lineleap.io
livestream-sas.de
marcosgomespsi.com
bestlife.medgrocer.com
tenyear.meichuhackathon.org
mesbro-service.mesbro.in
metallixindustries.com
projects.michalismichaelides.com
miraconnect.me
misja-kerygma.pl
mountain-gravity.com
munevvergroup.com
mycardgame.io
nenasshuttle.com
newgengraphics.com
www.olivermharrison.com
app.smmi.org.ma
papersboxgt.com
parasgulati.com
www.patuncon.com
multi.philteigne.com
playsovereignchess.com
pongo.is
stg.zim.quickcommerce.org
web.quinielapro.com
www.rafaelning.com
www.remote-dev.team
www.remotefinancejobs.com
api-staging.retailcloud.io
demo-islands.rossalexandra.com
xynex.rotapad.com
safetonehealth.com
lite.saudevianet.com.br
staging.lumident.siteco.com
sivaramshabari.me
www.speakingathome.com
www.spit.me
storydsoftware.com.au
www.sucolab.com
www.suzannemcgoey.com
peflog.tekemo.fi
playground.thecodeship.com
pwrdev.thefollowuptool.com
test.toegang.org
www.trainy.live
www.trraestate.com
wlg.glass.ufg.co.nz
app.unhbackend.com
academies.unimastery.com
testvocacional.unives.mx
www.waafisoftware.ca
waecikejactcsltd.com
projects.webcat.app
wfo.wisperisp.com
backoffice.worknot.fr
beta.zubtitle.com
Other domains in certificate