Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=onestopgmshop.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 13, 2025
Valid Until
February 11, 2026
82 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6E:10:A6:A4:11:1D:43:0A:7B:E1:7C:42:E5:77:91:25:CA:BC:D7:9D:67:56:AA:11:17:0D:2D:9E:A5:23:F3:4B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
spinizoglobal.com
ai-employee.org
www.alexnewby.com
freemusicvideodownloader.apptget.com
atraves.net
axonwave.co.uk
axonwave.uk
qa-mobile.bestwallet.com
www.billw.blog
uat-admin.bluuu.co
www.boaznradar.de
clipwork.io
qa-candidate.cnect.jobs
devwebapp-event.compusystems.com
www.contractorscentre.com
oauth.crepme.com
dcjpy.dev
www.digitalpants.dev
www.dollface.net
aeon.dostow.com
ds-giken.com
www.findlayoilerscamps.com
www.foreignconnect.org
gogenesis.com.au
gondergelsin.info
pay.wpay1.gr4vy.app
dev.housing.grupoxalka.com
www.highlightsnft.com
hkytsa.org
huhtecoy.fi
dcmhflsa.ilymgroup.com
industriascodcol.com
vlad-kristina.invito.link
www.invitostaffingsolutions.com
jeremiahlynn.dev
www.jewelsgleam.com
jignesh.world
www.juliane-und-denis.de
link.klinic.care
dashboard.kurios.la
lakshmi-enterprises.in
lbs-im-landkreis-esslingen.de
casting.lefty.io
catalogo.lememilitar.com
liferoadmap.design
matthewlundeen.com
www.maxwell-lt.com
app.mesari.llc
www.meslekilgi.com
www.miamijunkmovers.com
www.moduminting.com
www.temp-ppc.myelinz.com
www.nextleveltaiji.com
truco.niko.works
www.novant.com.au
nusaconnect.org
offline-order.com
onestopgmshop.com
veritas.or.id
wokpassion.pedidomovil.es
nrsp.pexile.com
pipoca.app
praxis-hilbig.de
www.princedroptaxi.com
puresipwater.in
www.puresipwater.in
qudex.xyz
www.quidvid.com
www.ramdiecorp.com
www.richierichicecreams.com
admin.rotoolbox.org
rsa.bio
connect-ng-warehouse.rxoconnectint.rxo.com
customer.rxoconnectint.rxo.com
www.sanatanmantra.com
sea-unity.com
shinehill.org
beta.shoprocketapp.com
admin.p.silver-smok.com
www.softwarelabx.com
solve.solvelayer.com
sonamhandcraft.in
sorbello.nl
terresdarmorhabitat.speakylink.com
talentiaa.com
tmdigital-stag.terramagna.com.br
www.thetealtowel.com
www.thinkinsure.com
www.titlecaps.com
demo.toeicmentors.com
tunespire.com
turquoisse.com
typhoon.cash
vica.one
www.vshadholdings.com
textify.vteam.com
www.whocan.dev
wtispace.com
yensi.homes
www.yourteamjustsucks.com
Other domains in certificate