Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=bsit3a2025.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 13, 2025
Valid Until
February 11, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E9:12:B2:10:0A:06:61:56:92:F4:7B:18:B9:65:89:94:FA:04:51:D9:64:C2:FE:18:4C:A2:FB:6D:9D:51:55:19
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
sdc-invitation.kerzz.com
2014.bloggies.com
360aviationacademy.com
www.5startrivia.com
prs.aicf.in
www.aplusvalley.com
www.askhidayah.com
www.assignmenthelpersingapore.com
appbeta.authentic.net
www.avora.travel
www.ayushfit.in
app.barleyboard.com
scheduler.boxknight.com
www.bradosche.com
brimij.com
brockstonedesign.com
www.brockstonedesign.com
bsit3a2025.com
admin.busesforsale.com
links.listopad.cheesybeard.com
panel.click2call.cl
painel.cogniapp.com
www.cogniapp.com
www.creations-bois.ch
assess.cyberwave.be
julius-de.dashprospect.com
nitro-coffee.decursed.com
sandbox.cloud.dicomlab.com
app.didousoft.com
didthegatorslose.com
www.dopplerbit.com
auth.downtowncupey.com
web-dev.doyumeibo.jp
media.dqtact.net
study.dudaji.com
dyslexiafriendly.dev
earphysics.com
ecalculadora.net
servicio.restaurantes.eficiente.co
app.enroutesystems.com
erlenepsyd.com
www.erpsoftsol.com
www.etiket.app
eumentis.com
evolvedhumancare.io
fromcodewithlove.art
auth.funderpro.com
panel.getlooka.com
confirm.gettabzdev.com
goandget.app
soapamz.gob.mx
outdoor-camp.hisabdev.com
homeschoolmccool.com
jeff.hstc.com.br
hxbuddy.ca
idososimedai.com
shan.in.net
bnb.inmobileservices.com
jorastats.net
jordieknowles.com
koreadisclosure.io
www.kylejohnston.dev
lavipix.com
leadsis.com.br
matman.app
www.meal2list.com
mamaspizza.megapos.store
www.misalabs.ai
nextstepchild.com
playeragent.ai
prinseslena.be
project-tokachi.org
virtualbid-admin.pujasweb.co
monitoring.qikserve.com
qmever.com
reocloud-theo.reoriginal.com
retrovisor.media
rt-reinigungen.com
scribality.com
www.secumsa.com.mx
admin.shiur.cloud
www.spicesolutionsgd.com
sunrisesummitresort.com
fight.sushibyte.io
munozguevarawedding.swan.lat
swga.golf
tangibly.link
www.tech-college.jp
legacyapp.sandbox.thatch.co
thelivinglettersart.com
www.together4u.com
tryaffinify.com
test-app.edu.utilo.co
webtabel.ru
compose.writeline.app
xaynhathuanphat.com
www.yusong.online
zapalamarket.com
app.zel-global.com
zlotetarasy.app
Other domains in certificate