Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.formitize.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 08, 2025
Valid Until
February 06, 2026
81 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
94:2A:F4:08:51:05:D7:33:E6:44:CC:AE:3B:3F:09:45:79:9F:4F:EE:C4:F1:CD:23:BE:AF:9B:3D:B5:76:AD:32
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
tada.dev
ambessa.online
avnet.io
admin.awaio.com
me.blubnana.xyz
bolel.dev
bookstack.app
serviceapp.bounce.bike
www.brianlowther.dev
chabak.site
www.childcarecenter.help
cnsbrasil.com.br
dashboard.samhealth.co.in
talal-law.com.sa
formularios.comfenalcovalle.com.co
tonicindex.dataware.dev
felicino.desimone.dev
www.devasoft.in
www.discount-finance.com
www.divpper.com
dosen.beer
auth-firebase.testeapps.eitvcloud.com
www.ektajagrukta.in
archive.audit.elight.com
elknut.app
exiters.xyz
wordcode.felipenipper.com
www.finmet.org
fixmytext.pro
app.formitize.com
omni.futurity.technology
hagestam.com
www.hagestam.com
coffee.halalhbb.dev
www.headphones.science
facilities-dev.hotwaxsystems.com
job-manager-dev.hotwaxsystems.com
pps.html5.run
zodakishere.id.vn
icon.inohom.link
cdn.ipsvietnam.vn
admins.kampaignlive.com
www.kgnrice.com
www.kikashionline.com
www.korastak.com
www.kroatie.pro
password.lckr.io
lemonview.biz
logostudio.fi
lost-monsters.com
www.magnoliagardens.in
folloni777.maquetedebolso.com.br
md-notes.net
www.mercerelectrical.com
metrodevgroup.com.au
landing.mineyourtime.com
oshimono.nagidev.com
push.notif.nc
okeyauth.com
kallakurichi.onewaytaxiwala.com
phathocit.me
archiv.phoenixrise.cz
www.physio-heikeredlich.de
verify.auth.pixipass.com
verify.auth.staging.pixipass.com
www.planexrenovations.ca
pozalweb.es
www.propiedadesdomingofuentes.com
ticket.ra-menda.dev
sso.hom.auth.roit.ai
rtrimoveis.com.br
itsnothacker.run.place
illustrated-galicia.ruralhackers.com
skillrhino.com
www.stavninasvet.com
www.stepspropiedades.cl
www.taishar.net
www.teracy.link
demo-pay.tesel.tech
www.thefridge.online
ascend.thenextapp.nl
thesimplechemics.de
tiktech.one
hercres.timp.io
namastepilatesstudio.timp.io
tinkerable.site
raia-tz.trevior.com
www.tridecalabs.com
trillmate.com
www.twenty.io
tylerhendrickson.me
vetriinsights.com
www.vincevahala.com
colorcraftpro.waynetechlab.com
websync-for-notebooklm.com
www.wedobits.ie
www.willisra.com
www.lab.wizzi.io
game.yaziki.net
vendors.zamakan.om
Other domains in certificate