Open
Cached
·
just now
88/100
SECURITY SCORE
Certificate Information
Subject
CN=www.designcenter.tv
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 28, 2025
Valid Until
February 26, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0B:F1:72:CE:C5:EA:46:9D:83:89:78:DE:88:0A:58:64:94:FE:14:26:9B:E9:AE:52:A5:6F:90:3D:39:00:48:7D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Good
default-src; style-src; font-src; +1 more
default-src https://*.thrive.uk.com ; style-src https://fonts.googleapis.com https://*.thrive.uk.com 'unsafe-inline' ; font-src https://fonts.gstatic.com ; connect-src https://firestore.googleapis.com
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Strengthen CSP by removing 'unsafe-eval'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
stage.aviva.quiz.thrive.uk.com
wildcardsports.12traits.com
cards.adamraine.com
adrien-vdk.dev
agentic-ad.com
www.airakas.com
vip.airportspeedpark.com
www.alexg.io
andrewy.me
www.anonsys.tech
autoboy.eu
aysh.com.br
b.18203882.xyz
rits.bertramdesigns.com
briverugby.deeplinks.bfansports.com
bryanoyloe.com
caesuramedia.org
clientidev.cantinedellacorte.com
cherrytreesgardeningcornwall.com
4minds.clau.io
clearnotices.com
islandviewcondo.com.sg
mikemike.com.sv
actinno.com.tw
www.sfedorenko.com.ua
auth-dev.companiions.com
curae-crafts.com
www.cycle2go.in
cytech.com.br
form.datakemenagbangkep.com
booking.decodedetroit.com
www.designcenter.tv
www.drcitulenco.md
dungeon.box
kanban.e-edev.de
cdn.ecellar-rw.com
el-resbalon.com
app.enfra.ai
eskimobros.xxx
open.exceptionalalien.com
protagonista-beta.felipemarx.com.br
ro.test.funeasylearn.com
fuzzyfelons.com
fvr.me
www.gimfinancial.com
admin.graphitewriter.com
haifa-tv.com
www.hcmanifesto.org
heremeditation.com
staging.herface.uk
d-meter-gestagua.hidroconta.com
hupulaanen.fi
plataforma.imaginakids.com.br
flowerbg.infinitybullet.com
msaccess.invita.gmbh
www.iosifnichita.com
widget-messenger.isoz.me
firebase.janpohlmann.de
www.juan.lu
tajfel.kakumei.com.mx
kauilenergy.com
www.laricasb.com
www.learningmath.org
www.lifeofobjects.co.uk
www.luckythai.ca
marktheunissen.com
www.michaelcodes.com
devapp.naibly.com
gn.stg.nexusplatform.co.uk
www.notacamelini.com
app.operadoor.com
api.pendla.com
login.pgslot444.me
poshelitecarservice.com
premion-tools.com
propertyecho.ai
web.pia.rainbytes.com
clubryzen-test.raxar.com.ar
responzhub.com
riskula.fi
scalaalgorithms.com
collaborate.science4africa.org
scrapwrk.com
app.sently.fr
www.silviamorenoromero.es
singnano.com
sipplanner.app
www.speechpathologytampabay.com
www.staige.be
taurasolucoes.com.br
tensorgeeks.com
www.theartificialmind.co.uk
thewheelist.com
tiendalasmotos.com
www.urlo.app
usetruffle.com
kundenportal.uvk.at
share.wackenradio.de
portal.wehealth.org
next.witful.dev
Other domains in certificate