Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=invest.smithhopen.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
53 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F6:FD:79:34:45:D0:5C:D1:0D:C0:AD:84:C8:9E:52:A7:E4:D1:AF:4C:4D:52:7F:18:40:E9:74:52:8F:8A:DA:8B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
inspection-portal.skylarkdrones.com
admin.403adamski.jp
altcoinportfoliomanagement.com
amasiacheese.am
www.appointia.com.ar
the.aregolife.com
app.aska.ro
autility.no
www.beta.bildin.com.pe
l.breakfast.tools
antelope.cevs.dev
leonardsadventure.chu.mk
cms.clickwork.app
makegood.co.il
coderre.ch
www.constructorabrac.cl
app.etapinsure.com
app.floppy-delivery.cc
fmfmkun.com
www.footballmaths.club
gain.si
app.gcesarimoveis.com.br
intra.getinov.net
gojaristoro.it
dev.gopocket.app
pdf-reader.goread.com.br
peasant.greatbarrel.com
hr.hadafalkhair.com
cov-id.helix-lab.org
hypeitorhateit.com
www.inigodelportillo.com
www.jahyunkim.com
stage.jainam.app
art.janu.sh
secretsanta.joedm.com
www.keittokirja.app
www.kushal.io
gift.kyuramen.app
www.launchctrl.co.za
management.laura-ai.de
www.likha-tech.com
www.lonelypop.com
research.m.works
web.macros.app
kin.makeany.app
www.matrixprog.com
www.mdtsindia.com
app.mediumcustomdomain.com
i.meembar.com
link.meembar.com
megakind.com
menavarro.com
meny-app.menymeny.com
theme.merdekatech.com
iconbeach.metaoriginal.app
www.meudestinoapp.com
self.micepad.app
microtracksmash.com
milcontratossfabogados.com
misdevelop.com
www.mishnah.app
mitchellvalentine.com
mixedbyadn.com
mlopezitsolutions.com
evaluate.fiserv.mobilitymojo.com
mockape.com
mockup-plugin.com
monamialbert.com
mondossier-canada.com
www.moorlandmassagetherapies.co.uk
www.myfont.app
tracker.myrealfood.app
myreflections.app
www.noisehack.com
www.norgeskart.net
external-test-env.notarity.com
www.notestech.co.za
devapp.onemorestory.com
promecpachino.it
mtntid.propertywallet.co.za
sugaorygen-admin.pujasweb.co
sugaorygen.pujasweb.co
www.recicladosmijas.com
www.rhrobotics.com
salyamevia.com
www.skeittivideot.fi
invest.smithhopen.com
www.tapacenterdev.com
www.tedxbitd.in
ordernow.thaihousedenver.com
www.thesciencecapital.co.uk
uprogulasu.pl
www.viantrix.com
app.vocalizeinterpreting.org
wehnaumgatedcommunity.com
wissensmanagement.wisit.com
wolfbadger.co.za
www.woofingfromhome.com
20i.zabaat.com
investor.zuko.ai
Other domains in certificate