Open
Cached
·
just now
95/100
SECURITY SCORE
Certificate Information
Subject
CN=support.thabs.com.au
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
December 16, 2025
Valid Until
March 16, 2026
73 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BF:B6:E2:59:DF:80:72:2D:AA:D3:CB:F0:4C:46:00:5A:3A:79:15:33:60:4F:94:B2:D2:56:7E:BA:17:D1:E7:40
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=63072000;includeSubDomains
Content-Security-Policy
Basic
script-src; object-src; base-uri; +1 more
script-src 'self' 'strict-dynamic' static.zohocdn.com salesiq.zoho.com dtzpfzv31buvf.cloudfront.net cdn.pagesense.io js.zohocdn.com widgets.zohosalesiq.com zohotagmanager.cdn.pagesense.io 'nonce-ba57207fae62bfae227d9a317499c6ac';object-src 'none';base-uri 'self' static.zohocdn.com;report-uri https://logsapi.zoho.com/csplog?service=support;
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Present
accelerometer=(), ambient-light-sensor=(), bluetooth=(), compute-pressure=(), document-domain=(), encrypted-media=(), gamepad=(), gyroscope=(), hid=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), speaker-selection=(), usb=(), xr-spatial-tracking=()
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 4 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
- • Consider adding 'issuewild' records to control wildcard certificate issuance
Subject Alternative Names
57 domains
support.handdn.com
support.3ding.in
res.africaleisuretravel.mu
support.agorasrl.cloud
support.anglia-forwarding.co.uk
support.arisoftglobal.com
help.asnity.com
support.bellefontecofc.org
soporte.bimind.es
appointments.blueribbonproject.org
service.cfabllc.com
helpdesk.clm.com.br
soportepdv.prodevelop.com.ec
support.compchain.io
clientes.emma-services.tech
support.fast-pc.be
help.fivetwo.org
support.flycoglobal.com
support.gabbart.com
catechs.wildern.hants.sch.uk
supportdesk.iliad-solutions.com
support.invariant.io
suporte.itransport.com.br
hello.kindtyme.com
bots-help.kwench.com
help.letsocify.com
support.maned.com
omnia.masin.co
mysupport.mediabrands360.com
support.misely.com
assistance-interne.mobix.fr
support.musegravity.com
suporte.flux.net.br
suporte.oficinasoft.com.br
support.onlinemastery.co.uk
support.paperlessenvironments.com
support.plancover.com
support.pngcompressor.com
support.progressivedentalmarketing.com
support.remotechusa.com
support.scansamerica.com
support.seccom.ro
support.sundial.io
support.targetvisioncam.com
support.thabs.com.au
support.thesignalgroup.com
support.unidoses.com
soporte.upinvoices.com.mx
support.warrenits.com
support.websiteheroes.net
sac.wemystic.com.br
help.es.zappysoftware.com
help.fr.zappysoftware.com
help.pt.zappysoftware.com
managedservices.zurigroup.com
njsn.zurigroup.com
help.zylcares.com
Other domains in certificate