Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=bs3.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 05, 2025
Valid Until
January 03, 2026
37 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
66:05:95:AB:3B:DB:88:17:4E:4B:3C:9B:5C:66:EA:6C:21:40:58:E4:47:E3:A9:84:66:4A:5D:4F:F6:4A:C7:5C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
marktbox.de
www.abhishekbhagwat.com
abytravel.com
admin.passcard.psu.ac.th
www.agnostech.in
sigma.cao-kappers.appdashboard.nl
www.baltosiospirstines.lt
services.bigstarsoftwares.com.br
bolsonaroipsum.com
brothlicious.id
bs3.app
c-squared-media.com
callnection.com
calt.ai
cameronjensen.com
car811.com
charlietango.co
chat.av-pro.co.il
www.matsang.co.kr
material.coachreferee.com
techvarsity.com.ng
ganapp.pointwest.com.ph
www.convenio.app
auth.creatordash.net
www.crypto-identity.org
www.danrleypereira.com.br
dectio.com
doededuer.dk
elevatedbaking.biz
elevatetechglobal.com
oddity-oldstorefront.emporix.com
estanentrenosotrosia.com
eventossahuaro.com
staging.fanvault.vip
www.fornclakes.com
www.front.cat
geniusai.space
www.grail-talent.co
www.gramlink.co
buihoanganh.id.vn
staging.imaginakids.com.br
timesheet.investorsportfolioservices.com
www.ipquickcheck.com
www.jaltea.app
jamestours.com
justblacktshirt.com
www.teamradar.katalysatorduravermeer.nl
kelimino.com
keynsham.info
www.kunstkreis-bernau.de
www.learnalgorithm.com
logicle.app
sid.maltaadv.com.br
hello.michaeljames.me
super.minutebox.xyz
montri.fr
www.motiverse.club
portal.myvillage.co
www.nostalgianinja.com
www.orderupgo.com
paragoniks.pl
gestor.paralellumsa.com
auth.pathfinderplatform.com
dev.perfectplace.app
qr-demo.posnet.com.au
puotas.com
quizatty.com
www.quizatty.com
org-chart.ramconsulting.com
www.robertholmberg.fi
rutaaccesible.site
scpaloalto.com
semt.com.co
shannontbowers.com
signory.io
simplysaoni.com
skate-team.info
sma.ar
solarmafia.app
songaudit.com
www.songaudit.com
sso.spacex3897.club
app.spatalyst.ai
app.alpha.standards.site
www.techexpertsceylon.lk
theyareamongusai.com
church.thx4playin.com
tomjefferis.com
webadmin.tracksol.my
husqvarna.turfcloud.com
tusideasdigitales.online
demo.valuechecker.ai
vegatech.es
vektorusa.com
vistachilla.com
vrexistechnologies.com
hsr.wayaj.com
flutterglass.wearemobilefirst.com
connect.xmltravelgate.com
synapse.xourse.com
Other domains in certificate